www.databreachtoday.com Open in urlscan Pro
50.56.167.254 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x
Effective URL:
https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_AR...
Submission: On October 08 via api (October 8th 2020, 12:08:27 am UTC) from US

Summary HTTP 231 Redirects Links 78 Behaviour Indicators

Summary

This website contacted 34 IPs in 8 countries across 32 domains to perform 231 HTTP transactions. The main IP is 50.56.167.254, located in San Antonio, United States and belongs to RMH-14, US. The main domain is www.databreachtoday.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on April 16th 2020. Valid for: a year.

This is the only time www.databreachtoday.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	199.15.215.8 199.15.215.8	15224 (OMNITURE) (OMNITURE)
29	50.56.167.254 50.56.167.254	33070 (RMH-14) (RMH-14)
1	2a00:1450:400... 2a00:1450:4001:825::200a	15169 (GOOGLE) (GOOGLE)
4	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
87	2.18.233.88 2.18.233.88	16625 (AKAMAI-AS) (AKAMAI-AS)
7	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
2	104.109.95.62 104.109.95.62	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:81f::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
14	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:81b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	192.28.147.68 192.28.147.68	15224 (OMNITURE) (OMNITURE)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
6	34.249.122.179 34.249.122.179	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:2b0... 2a02:26f0:2b00:7b2::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	104.20.4.43 104.20.4.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:2800:134... 2606:2800:134:1a0d:1429:742:782:b6	15133 (EDGECAST) (EDGECAST)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.202.64.133 34.202.64.133	14618 (AMAZON-AES) (AMAZON-AES)
5	2606:4700::68... 2606:4700::6812:a813	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.64.134 151.101.64.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1 2	2a05:f500:10:... 2a05:f500:10:101::b93f:9105	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.30.78.155 52.30.78.155	16509 (AMAZON-02) (AMAZON-02)
1 1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
2 2	54.229.91.186 54.229.91.186	16509 (AMAZON-02) (AMAZON-02)
2 2	52.49.190.28 52.49.190.28	16509 (AMAZON-02) (AMAZON-02)
1 2	3.121.27.153 3.121.27.153	16509 (AMAZON-02) (AMAZON-02)
1	178.79.227.76 178.79.227.76	22822 (LLNW) (LLNW)
1 4	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	104.20.5.43 104.20.5.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
231	34

1 199.15.215.8 (United States)

ASN15224 (OMNITURE, US)

links.ismgcorp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 50.56.167.254 (San Antonio, United States)

ASN33070 (RMH-14, US)

www.databreachtoday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

87 2.18.233.88 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-88.deploy.static.akamaitechnologies.com

130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.95.62 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:81b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.28.147.68 (United States)

ASN15224 (OMNITURE, US)

051-zxi-237.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bankinfosecurity.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.249.122.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:2b00:7b2::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

sjs.bizographics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.20.4.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vue.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:134:1a0d:1429:742:782:b6 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.64.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-64-133.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6812:a813 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:f500:10:101::b93f:9105 (Ireland) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.78.155 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.91.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-91-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.190.28 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-190-28.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.27.153 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.227.76 (Italy)

ASN22822 (LLNW, US)
PTR: https-178-79-227-76.vie.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.149 (Southampton, United Kingdom) 1 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.5.43 (United States)

ASN13335 (CLOUDFLARENET, US)

chatserver3.comm100.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
87	rackcdn.com 130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com 0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com 4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com 75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com 6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com 21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com 752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	9 MB
29	databreachtoday.com www.databreachtoday.com	359 KB
27	googlesyndication.com a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	653 KB
15	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	112 KB
8	googletagservices.com www.googletagservices.com	214 KB
7	ml314.com ml314.com in.ml314.com	16 KB
5	disquscdn.com c.disquscdn.com	224 KB
5	comm100.com chatserver.comm100.com vue.comm100.com chatserver3.comm100.com	248 KB
5	gstatic.com fonts.gstatic.com	45 KB
4	google-analytics.com www.google-analytics.com	18 KB
4	google.com adservice.google.com www.google.com	168 B
3	sitescout.com pixel.sitescout.com	458 B
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	2 KB
3	disqus.com bankinfosecurity.disqus.com disqus.com	30 KB
3	addthis.com s7.addthis.com m.addthis.com	114 KB
2	basis.net 1 redirects cdn01.basis.net pixel-a.basis.net	1 KB
2	eyeota.net 1 redirects ps.eyeota.net	1023 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	1020 B
2	adsrvr.org 2 redirects match.adsrvr.org	926 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	twimg.com pbs.twimg.com	4 KB
2	mktoresp.com 051-zxi-237.mktoresp.com	622 B
2	marketo.net munchkin.marketo.net	7 KB
1	rlcdn.com 1 redirects idsync.rlcdn.com	189 B
1	licdn.com snap.licdn.com	2 KB
1	addthisedge.com v1.addthisedge.com	251 B
1	bizographics.com sjs.bizographics.com	761 B
1	google.de adservice.google.de	168 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	43 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	ismgcorp.com links.ismgcorp.com	984 B
231	32

	Domain	Requested by
29	www.databreachtoday.com	links.ismgcorp.com www.databreachtoday.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
21	130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com	www.databreachtoday.com
16	dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com	www.databreachtoday.com
15	75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com	www.databreachtoday.com
14	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net links.ismgcorp.com www.databreachtoday.com
10	0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com	www.databreachtoday.com
8	www.googletagservices.com	www.databreachtoday.com securepubads.g.doubleclick.net
6	ml314.com	www.databreachtoday.com ml314.com
6	6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com	www.databreachtoday.com
5	pagead2.googlesyndication.com	www.databreachtoday.com securepubads.g.doubleclick.net
5	c.disquscdn.com	bankinfosecurity.disqus.com
5	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.databreachtoday.com www.google-analytics.com
4	752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com	www.databreachtoday.com
4	21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com	www.databreachtoday.com
4	fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com	www.databreachtoday.com
4	4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com	www.databreachtoday.com
3	pixel.sitescout.com	www.databreachtoday.com
3	chatserver3.comm100.com	vue.comm100.com
3	www.google.com	securepubads.g.doubleclick.net
3	f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com	www.databreachtoday.com
2	ps.eyeota.net	1 redirects www.databreachtoday.com
2	sync.crwdcntrl.net	2 redirects
2	match.adsrvr.org	2 redirects
2	dpm.demdex.net	1 redirects www.databreachtoday.com
2	px.ads.linkedin.com	1 redirects www.databreachtoday.com
2	disqus.com	bankinfosecurity.disqus.com
2	pbs.twimg.com	www.databreachtoday.com
2	051-zxi-237.mktoresp.com	munchkin.marketo.net
2	munchkin.marketo.net	www.databreachtoday.com munchkin.marketo.net
2	s7.addthis.com	www.databreachtoday.com s7.addthis.com
1	pixel-a.basis.net	1 redirects
1	cdn01.basis.net	www.googletagmanager.com
1	idsync.rlcdn.com	1 redirects
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	vue.comm100.com	chatserver.comm100.com
1	in.ml314.com	ml314.com
1	snap.licdn.com	sjs.bizographics.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	chatserver.comm100.com	www.databreachtoday.com
1	sjs.bizographics.com	www.databreachtoday.com
1	bankinfosecurity.disqus.com	www.databreachtoday.com
1	a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	z.moatads.com	s7.addthis.com
1	www.googletagmanager.com	www.databreachtoday.com
1	fonts.googleapis.com	www.databreachtoday.com
1	links.ismgcorp.com
231	52

This site contains links to these domains. Also see Links.

Domain
www.bankinfosecurity.com
www.cuinfosecurity.com
www.govinfosecurity.com
www.healthcareinfosecurity.com
www.inforisktoday.com
www.careersinfosecurity.com
www.devicesecurity.io
www.fraudtoday.io
www.paymentsecurity.io
www.databreachtoday.co.uk
www.databreachtoday.eu
www.databreachtoday.in
www.databreachtoday.asia
ffiec.bankinfosecurity.com
omnibus.healthcareinfosecurity.com
ddos.inforisktoday.com
ransomware.databreachtoday.com
gdpr.inforisktoday.com
covid19.inforisktoday.com
events.ismg.io
www.facebook.com
twitter.com
www.linkedin.com
www.twitter.com
securelist.com
www.uefi.org
media.kasperskycontenthub.com
www.welivesecurity.com
t.co
www.bankinfosecurity.asia
securityintelligence.inforisktoday.com
ismg.io

Subject Issuer	Validity	Valid
ismg.io Go Daddy Secure Certificate Authority - G2	`2020-04-16` - `2021-07-26`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert SHA2 Secure Server CA	`2020-04-19` - `2021-07-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-09-22` - `2020-12-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-09-03` - `2020-11-26`	3 months	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
js.bizographics.com DigiCert SHA2 Secure Server CA	`2020-03-23` - `2022-03-28`	2 years	crt.sh
*.comm100.com DigiCert SHA2 Secure Server CA	`2020-02-12` - `2022-04-15`	2 years	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2020-08-05` - `2021-02-05`	6 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.eyeota.net Let's Encrypt Authority X3	`2020-08-31` - `2020-11-29`	3 months	crt.sh
cdn01.basis.net Sectigo RSA Domain Validation Secure Server CA	`2019-06-13` - `2021-06-12`	2 years	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh

This page contains 15 frames:

Primary Page: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Frame ID: 022D491C876E36166C4D2ECFCD79F928
Requests: 172 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvySNC5oqJiphJfQxUZkt6z_-drgkZMsoVBBtxKvzcV5g6LaOTo7Fz9FNf8g7QW1ItW2udypH_JTNHgh36Czmr99AtUs4cVGJNFC3F9VIchfb_00DonYcU7kj_d_hOEI2Dq_6wx2ipg2pslhWb4u2sBUeEsk52imqfA6fWwXDLjbn95DpVm3fri854ZQKEboPa0Yb9TkK8eUwnGuy_NJa0YlFcVJBJgscJPJBqsweOkUmPMzvS5JmfeSciPPzoevOAzC3GzDW9BD-3Ll34uOA&sig=Cg0ArKJSzM27eEWKS5k2EAE&adurl=
Frame ID: CAFEFCC2D8864C56DADF09D9CFD961DF
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU5753VCYcfsBobxUMxsDKRkwCni7rSqnab5skUoP8D9yidhAtlAagM5dwlnl4BuPYzCYfH9rFV9M8THLZAtu95bSmPUxPMtw80pDqD8UAro5liSp99-g0GXEIBDfs8Ma8j1mLiCwtrSVpMUG7cqTIPQgqA4hTtmi63yxqLCsX7DxGso0LcLjKvJN0sFWg0_vEwnCX5lOpLavzh0zeTECWRLTgSwA7BI-2_qpg33gHWI3cG6Jkh_WLvexXcKr9d2s-RuhXigPZ254-0tZ6HZDmFgs&sig=Cg0ArKJSzJx61N_iVkBKEAE&adurl=
Frame ID: EEFD6497A517DA78B463B3B357EB57FA
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdAAC5U4-IShSJBudH8zWcPDwWWDTyuy_cJmGCLByCpbioN6DdTBowW8MdddgFNy-7uIdsSj09P4C7jyKzS3oxmtB6wd78AJzvxU0j-EoACfi8YqI8oQHTvIYGZX-5cwFbJrwGD8I9PzrQqIqoWORHWfS9hhsMEwUrZmki_DsSLsQiLZ2b0PYC5pli3ssO6zZW95zijrHLRQni3c_0wDG5oLdoE032bQM_6mlwgI1i6RUNwnLxWJw5dhD_KAT7TZxVqfJCbMj1J0sSeCVQ8v0SP-FkdA&sig=Cg0ArKJSzBPMlAH5X4hBEAE&adurl=
Frame ID: 54F53D14F10ABF244F6DFF4FACF27746
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHXFPgwdOPB0pUAJw2kn4GS_GbTPoDkCzuVF3dnfjxsIOr5Wns0prL4WfIVmO56Yk5j2lRYiqPmpONOeY3B986XYNTqZQZ8OVBUC8oT1fPQ54j2vnF8jL1vn3en32KpkYcFGJndw7Js4XLII_XWFFL5vED5l8DmNpqi_H1g6FG6qwTA7diaf1slcgv4oxMWvdlwmAP6jyoZBInzz9Zd1zsm7ltgEdl5EjTa0WfsNM7BhH-JJCElI-rARjZY565enznKhzoWNyHMh20sXymoWCu4A0&sig=Cg0ArKJSzPzx2qjI5H4kEAE&adurl=
Frame ID: A2CD371D5FF3EBBC7A9926A45E37F446
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFZUCkD4WL1FLIJtSmwiIJu4riBwF-OYcz-jQzZBDbbMyjGPtbeLniMHc8aVFocxo-A2AY9Fwb0lioRz_MvuAvUFMPyRvg9ebuMBb9C6xBP0SXfh6t0vLPoOuT463fbkVnfogVjXjAdawaOr1p7wE2IcBKcW8AbXOPF2WJgYDMV74sXArxKzTq-fuQRmWpfS-pBvOKzewoeO3BmoBc20XAwbrzzVUXxWeD1C4MtSxWSIQm6_Q4W100KIws0jDYnpiJ--QF2zOPnHF4-PexUUM3fA&sig=Cg0ArKJSzP6iN6LAmriqEAE&adurl=
Frame ID: AE434D8732F1255804B16B1D50260006
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWkEMtKTfrmNm4LiOWUzq7LwhT4pgsb-aPuHQYLS8sDkeaMX_8pOFq8t01q3dEAjGfwrYqr6DAKCc3AsOAxduNClq7j2yTzMs5a6sStGMGgZcS1p1wlfFLfE-hoZ47_yd6-9UkYCJigU3FR6M55nRfoyupJiAZlJnoJaKz4BetsDh3yQvLRvNLTo1_wAMeVsmyEsdgyb0RjbYPJpWrqr0bl8uofsKCIRkA6hNI5MVxeOZZsAdpzAjH9Ygu1t4DIbZaN4lyjwlgX9VShI4-GDsS&sig=Cg0ArKJSzP7IrLP8_2SFEAE&adurl=
Frame ID: 410377EA0761D49476AC920DA1BCB897
Requests: 9 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B3CF994A2BD59FC9F02623DE2B2B9BF1
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 33818D44FDFA2BC885E28E2D851F7A45
Requests: 1 HTTP requests in this frame

Frame: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Frame ID: D8F80C021CB2F31696654C0123E91DD2
Requests: 4 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120&t_d=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&t_t=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&s_o=default
Frame ID: 7D856CE9508D23AA45ED5D48BBBF4F01
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html
Frame ID: 28D9A6B36A5DB05A40896FD14B948E92
Requests: 1 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 2A0BBAF22856592A08F0DB579D06AEBF
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 621B7BAC593E76DD4C6E17E63D82F266
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 59730784623F3FF08F1B7714F02CB401
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x Page URL
https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENE... Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

231
Requests

96 %
HTTPS

43 %
IPv6

32
Domains

52
Subdomains

34
IPs

8
Countries

11372 kB
Transfer

17979 kB
Size

1
Cookies

78 Outgoing links

These are links going to different origins than the main page.

URL: https://www.bankinfosecurity.com/
Title: BankInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.cuinfosecurity.com/
Title: CUInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.govinfosecurity.com/
Title: GovInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.healthcareinfosecurity.com/
Title: HealthcareInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.inforisktoday.com/
Title: InfoRiskToday

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/
Title: CareersInfoSecurity

Search URL Search Domain Scan URL

URL: https://www.devicesecurity.io/
Title: DeviceSecurity

Search URL Search Domain Scan URL

URL: https://www.fraudtoday.io/
Title: FraudToday

Search URL Search Domain Scan URL

URL: https://www.paymentsecurity.io/
Title: PaymentSecurity

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.co.uk/
Title: UK

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.eu/
Title: Europe

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.in/
Title: India

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.asia/
Title: Asia

Search URL Search Domain Scan URL

URL: https://ffiec.bankinfosecurity.com/
Title: FFIEC

Search URL Search Domain Scan URL

URL: https://omnibus.healthcareinfosecurity.com/
Title: HIPAA Omnibus

Search URL Search Domain Scan URL

URL: https://ddos.inforisktoday.com/
Title: DDoS

Search URL Search Domain Scan URL

URL: https://ransomware.databreachtoday.com/
Title: Ransomware

Search URL Search Domain Scan URL

URL: https://gdpr.inforisktoday.com/
Title: GDPR

Search URL Search Domain Scan URL

URL: https://covid19.inforisktoday.com/
Title: COVID-19

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-chicago-il-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-london-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-summit-bangalore-2020/

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-seattle-wa-2020/

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/redefining-mobile-security-and-works-w-2273

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/ethics-ml-ai-w-2274

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/developing-cyber-resilient-systems-national-imperative-for-critical-w-2260

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/best-practices-for-implementing-comprehensive-identity-governance-w-2126

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/zero-trust-approach-for-healthcare-w-2071

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/reducing-risk-now-w-2052

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/webinars/increasing-your-cybersecurity-posture-value-partnering-healthcare-w-2045

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/employer-center
Title: Post a Job

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/DataBreachToday/276435459043699

Search URL Search Domain Scan URL

URL: http://twitter.com/databreachtoday

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/information-security-media-group-corp-ismg/?viewAsMember=true

Search URL Search Domain Scan URL

URL: https://events.ismg.io/event/cybersecurity-and-fraud-summit-chicago-il-2020/?rf=trending
Title: Virtual Cybersecurity & Fraud Summit Chicago - Oct. 13

Search URL Search Domain Scan URL

URL: https://www.twitter.com/asokan_akshaya
Title: asokan_akshaya

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120#disqus_thread

Search URL Search Domain Scan URL

URL: https://securelist.com/mosaicregressor/98849/
Title: Kaspersky

Search URL Search Domain Scan URL

URL: https://www.uefi.org/
Title: Unified Extensible Firmware Interface

Search URL Search Domain Scan URL

URL: https://media.kasperskycontenthub.com/wp-content/uploads/sites/43/2020/10/05094208/MosaicRegressor_Technical-details.pdf
Title: Kaspersky

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/2018/09/27/lojax-first-uefi-rootkit-found-wild-courtesy-sednit-group/
Title: ESET

Search URL Search Domain Scan URL

URL: https://twitter.com/asokan_akshaya

Search URL Search Domain Scan URL

URL: http://twitter.com/cybersec_feeds
Title: cybersec_feeds

Search URL Search Domain Scan URL

URL: http://twitter.com/jamesvgingerich
Title: @jamesvgingerich

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23SMS
Title: #SMS

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23Phishing
Title: #Phishing

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23CyberSecurity
Title: #CyberSecurity

Search URL Search Domain Scan URL

URL: https://t.co/OtzazN4pod
Title: https://t.co/OtzazN4pod

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313986825799847942
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/ArrakisConsult
Title: @ArrakisConsult

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313986437264609281
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313986310487629831
Title: Retweet

Search URL Search Domain Scan URL

URL: https://t.co/wHXYKJMaVB
Title: https://t.co/wHXYKJMaVB

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313977632673988609
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/AntonioSFB
Title: AntonioSFB

Search URL Search Domain Scan URL

URL: http://twitter.com/#!/search?q=%23MSFTAdvocate
Title: #MSFTAdvocate

Search URL Search Domain Scan URL

URL: https://t.co/Ib24sw34zA
Title: https://t.co/Ib24sw34zA

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/retweet?tweet_id=1313977419993362433
Title: Retweet

Search URL Search Domain Scan URL

URL: http://twitter.com/search/realtime?q=bankinfosecurity%20OR%20inforisktoday%20OR%20healthcareinfosecurity%20OR%20govinfosecurity%20OR%20careersinfosecurity%20OR%20databreachtoday%20OR%20cuinfosecurity%20OR%20from:euroinfosec%20OR%20from:ISMG_asia%20OR%20from:bnkinfosecurity%20OR%20from:cuinfosecurity%20OR%20from:fraudblogger%20OR%20from:govinfosecurity%20OR%20from:mariannemcgee%20OR%20from:gen_sec%20OR%20from:securityeditor%20OR%20from:healthinfosec%20OR%20from:careersinfosec%20OR%20from:databreachtoday%20OR%20from:inforisktoday%20OR%20from:ISMG_news%20OR%20from:ismg_press&src=hash
Title: Follow us on Twitter

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-information-security-officer-ciso-director-freeport-mcmoran-phoenix-i-1894031
Title: Chief Information Security Officer (CISO) - Director IT - Freeport McMoRan - Phoenix, AZ

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/operational-risk-management-governance-vp-bank-china-new-york-ny-new-york-i-1902350
Title: Operational Risk Management Governance VP - Bank of China - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/financial-queries-investigations-lead-analyst-vp-citi-tampa-fl-tampa-i-1900460
Title: Financial Queries & Investigations Lead Analyst, VP - Citi - Tampa, FL

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/mss-risk-controls-analyst-svp-citi-new-york-ny-new-york-i-1900449
Title: MSS Risk & Controls Analyst (SVP) - Citi - New York, NY

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/jobs/chief-information-security-officer-ciso-new-york-city-nyc-housing-i-1892601
Title: Chief Information Security Officer (CISO) - New York City NYC HOUSING AUTHORITY - New York, NY

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-mcafees-planned-ipo-i-4775
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/how-virtual-cards-could-mitigate-merchant-fraud-risk-i-4771
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/compliance-2-new-health-data-regs-avoiding-pitfalls-i-4772
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-are-darknet-markets-here-to-stay-i-4769
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/achieving-scalable-ddos-protection-managed-services-i-4770
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/digital-identity-gaining-momentum-i-4776
Title:

Search URL Search Domain Scan URL

URL: https://www.databreachtoday.asia/interviews/5-key-features-ransomware-mitigation-i-4767
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/panel-discussion-securing-digital-payments-i-4778
Title:

Search URL Search Domain Scan URL

URL: https://www.careersinfosecurity.com/interviews/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-i-4777
Title:

Search URL Search Domain Scan URL

URL: https://www.bankinfosecurity.asia/interviews/analysis-chinese-database-exposure-cause-for-concern-i-4768
Title:

Search URL Search Domain Scan URL

URL: https://securityintelligence.inforisktoday.com/
Title: Security Intelligence

Search URL Search Domain Scan URL

URL: https://ismg.io/
Title: Information Security Media Group, Corp.

Search URL Search Domain Scan URL

URL: https://ismg.io/about-us
Title: About ISMG

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x Page URL
https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 205

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602115684839%26url%3Dhttps%253A%252F%252Fwww.databreachtoday.com%252Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%253Frf%253D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%2526mkt_tok%253DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&liSync=true

Request Chain 206

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613664492556648457&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613664492556648457&redir=

Request Chain 207

https://idsync.rlcdn.com/395886.gif?partner_uid=3613664492556648457 HTTP 307
https://ml314.com/csync.ashx?fp=&person_id=3613664492556648457&eid=50082

Request Chain 208

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b3860302-19ca-4aaa-af8b-edd6dda7cb18

Request Chain 209

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613664492556648457 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613664492556648457 HTTP 302
https://ml314.com/csync.ashx?fp=f42f5bd5a7493833c9b3cb9081482f91&eid=50146&person_id=3613664492556648457

Request Chain 210

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

Request Chain 219

https://pixel-a.basis.net/iap/64ead273d1f41aa7 HTTP 301
https://pixel.sitescout.com/iap/64ead273d1f41aa7

231 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set wXDIkcdZp00j0Y6y1020c0x
links.ismgcorp.com/ 695 B
984 B 1337ms
303ms Document
text/html 199.15.215.8
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

HTTP/1.1

Server

199.15.215.8 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Host: links.ismgcorp.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:55 GMT
Server: Apache
Cache-Control: private, no-cache, no-store, max-age=0
Connection: close
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: text/html
Set-Cookie: BIGipServersj_mailtracking_http=!O8ZRrJ55Ax1vo97InuzRy4alk/3R/jO2NPXtye46S9iwJClnJS2VfkSZnpfPYWcjR/8hGyJTchCEzR4=; path=/; Httponly

GET
H/1.1 200
OK Primary Request Cookie set hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120 Show response
www.databreachtoday.com/ 369 KB
54 KB 271ms
267ms Document
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5e03ee2b412d0112b5e28e50436178ddd039a2bfa666636093314e08e20b3f3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Host: www.databreachtoday.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: visitorip=185.212.171.67; PHPSESSID=9n3k8k740h12ocnkpv4f6jbmdp; __atuvc=1%7C41; __atuvs=5f7e5859b30a4aac000
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Response headers

Date: Thu, 08 Oct 2020 00:07:55 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=63072000
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: _advert=false; expires=Fri, 09-Oct-2020 00:07:55 GMT; Max-Age=86400; path=/
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK jquery-ui.min.css
www.databreachtoday.com/css-responsive/vendor/ 25 KB
5 KB 137ms
136ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/vendor/jquery-ui.min.css?s=1602115675.8957

Requested by

Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4896

GET
H/1.1 200
OK mediaelementplayer-updated.css
www.databreachtoday.com/css-responsive/vendor/ 11 KB
3 KB 138ms
137ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/vendor/mediaelementplayer-updated.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2622

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 17ms
15ms Stylesheet
text/css 2a00:1450:4001:825::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Oct 2020 22:08:19 GMT
server: ESF
date: Thu, 08 Oct 2020 00:07:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Oct 2020 00:07:56 GMT

GET
H/1.1 200
OK main.css
www.databreachtoday.com/css-responsive/ 231 KB
42 KB 142ms
140ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/main.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 43006

GET
H/1.1 200
OK prettyPhoto.css
www.databreachtoday.com/css-responsive/ 21 KB
3 KB 274ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/prettyPhoto.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 2840

GET
H/1.1 200
OK bis-hdr.desktop.r2.css
www.databreachtoday.com/css-responsive/vendor/ 8 KB
2 KB 268ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/vendor/bis-hdr.desktop.r2.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1956

GET
H/1.1 200
OK bis-hdr.mobile.r2.css
www.databreachtoday.com/css-responsive/vendor/ 9 KB
2 KB 327ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/vendor/bis-hdr.mobile.r2.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2133

GET
H/1.1 200
OK font-awesome.min.css
www.databreachtoday.com/css-responsive/vendor/ 22 KB
5 KB 407ms
135ms Stylesheet
text/css 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/vendor/font-awesome.min.css?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: text/css
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 5049

GET
H/1.1 200
OK jquery.min.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 91 KB
33 KB 411ms
138ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.min.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 33094

GET
H/1.1 404
Not Found modernizr.js
www.databreachtoday.com/javascripts-responsive/vendor/ 0
0 505ms
177ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/modernizr.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 35 KB
9 KB 498ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/bootstrap.min.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 9328

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 21 KB
7 KB 551ms
143ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.validate.min.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 6689

GET
H/1.1 200
OK mediaelement-and-player-updated.min.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 154 KB
38 KB 664ms
141ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/mediaelement-and-player-updated.min.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 38476

GET tinymce.min.js
www.databreachtoday.com/javascripts-responsive/vendor/ 0
0

GET
H/1.1 200
OK jquery.validate.bootstrap.popover.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 2 KB
1 KB 688ms
136ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.validate.bootstrap.popover.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 926

GET
H/1.1 200
OK jquery.placeholder.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 2 KB
1 KB 700ms
139ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.placeholder.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 922

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 222 KB
60 KB 869ms
151ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/jquery-ui.min.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 61345

GET
H/1.1 200
OK crypt_des.js Show response
www.databreachtoday.com/javascripts-responsive/vendor/ 9 KB
3 KB 852ms
134ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/crypt_des.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 2857

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 32ms
27ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Thu, 08 Oct 2020 00:07:57 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H/1.1 200
OK headerlogo-dbt.png
www.databreachtoday.com/images-responsive/logos/ 6 KB
7 KB 139ms
135ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.databreachtoday.com/images-responsive/logos/headerlogo-dbt.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

11f8708cbc1a8d4570bdaafc5838a0fa583962e093540b5474546250da667ae9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 6453

GET
H/1.1 200
OK dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 344 KB
344 KB 35ms
34ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dhs-russia-poses-greatest-threat-to-election-showcase_image-9-a-15132.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 07 Oct 2020 20:49:43 GMT
X-Trans-Id: txd540292ad05e41dcadfc0-005f7e2ee2dfw1
ETag: a0ef8abce71b7e37743b0ed4c6be2c3f
Content-Type: image/jpeg
X-Timestamp: 1602103782.12570
Cache-Control: public, max-age=75755
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 352306
Expires: Thu, 08 Oct 2020 21:10:33 GMT

GET
H/1.1 200
OK cisa-warns-emotet-attacks-against-government-agencies-showcase_image-6-a-15130.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 84 KB
85 KB 84ms
76ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cisa-warns-emotet-attacks-against-government-agencies-showcase_image-6-a-15130.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a95d1948bed3f1a45950c669f73f3d95902ee1d95e306d197f8b78186e57e2f1

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 07 Oct 2020 17:36:11 GMT
X-Trans-Id: txc49312e5d2b74a829106d-005f7e0127dfw1
ETag: 6cfa17c3f6de5b5e827661197b901c3d
Content-Type: image/jpeg
X-Timestamp: 1602092170.45923
Cache-Control: public, max-age=64086
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86512
Expires: Thu, 08 Oct 2020 17:56:04 GMT

GET
H/1.1 200
OK microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 97 KB
97 KB 66ms
65ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/microsoft-warns-iranian-hackers-exploiting-zerologon-flaw-showcase_image-2-a-15128.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 07 Oct 2020 14:38:27 GMT
X-Trans-Id: tx4e068d5e2968491e90060-005f7dd6b1dfw1
ETag: 00dd6468a532309ebbc74ef2445f7f84
Content-Type: image/jpeg
X-Timestamp: 1602081506.06658
Cache-Control: public, max-age=53194
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 98818
Expires: Thu, 08 Oct 2020 14:54:32 GMT

GET
H/1.1 200
OK heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 189 KB
189 KB 90ms
89ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/heh-botnet-targets-telnet-on-iot-devices-showcase_image-5-a-15127.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 07 Oct 2020 02:59:39 GMT
X-Trans-Id: txa9ca44f75fca4338be81f-005f7dbdb9dfw1
ETag: f4908da9f07a230faa0e9b869ba6837f
Content-Type: image/jpeg
X-Timestamp: 1602039578.87072
Cache-Control: public, max-age=46743
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 193390
Expires: Thu, 08 Oct 2020 13:07:01 GMT

GET
H/1.1 200
OK digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 88 KB
88 KB 59ms
59ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/digital-identity-gaining-momentum-showcase_image-10-i-4776.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 05 Oct 2020 15:12:46 GMT
X-Trans-Id: txec3838cfa08841c88059f-005f7b3ec1dfw1
ETag: 00579821632cf1bfdf0b03665711cb2e
Content-Type: image/jpeg
X-Timestamp: 1601910765.81193
Cache-Control: public, max-age=40106
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89699
Expires: Thu, 08 Oct 2020 11:16:24 GMT

GET
H/1.1 200
OK roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 131 KB
132 KB 86ms
85ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/roger-severino-lead-hipaa-enforcer-on-fighting-hackers-showcase_image-4-i-4777.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 05 Oct 2020 18:19:55 GMT
X-Trans-Id: tx1c8376642e7249e49717a-005f7b69c8dfw1
ETag: 00160d41cbbd683047975053cfcc78cc
Content-Type: image/jpeg
X-Timestamp: 1601921994.53295
Cache-Control: public, max-age=50361
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 134628
Expires: Thu, 08 Oct 2020 14:07:19 GMT

GET
H/1.1 200
OK analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 87 KB
88 KB 85ms
84ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-mcafees-planned-ipo-showcase_image-5-i-4775.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 01 Oct 2020 15:39:32 GMT
X-Trans-Id: tx4cb54743ed364137b88bb-005f76e74fdfw1
ETag: 7cd51ce6ee5fc8a8bbf6eadf038faeb6
Content-Type: image/jpeg
X-Timestamp: 1601566771.40359
Cache-Control: public, max-age=71686
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89482
Expires: Thu, 08 Oct 2020 20:02:44 GMT

GET
H/1.1 200
OK analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 99 KB
100 KB 101ms
101ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-are-darknet-markets-here-to-stay-showcase_image-3-i-4769.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 24 Sep 2020 14:18:01 GMT
X-Trans-Id: tx6c2e1bd66ee84fc2a4f11-005f6dac41dfw1
ETag: 592cc1e056bf2756a05fc2435de1299f
Content-Type: image/jpeg
X-Timestamp: 1600957080.59637
Cache-Control: public, max-age=20296
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 101694
Expires: Thu, 08 Oct 2020 05:46:14 GMT

GET
H/1.1 200
OK unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 103 KB
103 KB 52ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/unable-to-throw-book-at-snowden-us-grabs-royalties-showcase_image-7-p-2950.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 11:11:46 GMT
X-Trans-Id: txc05dbe2228044459b26f3-005f771a53dfw1
ETag: 6c6d226a2a0bd02eae6be7e2cd05f386
Content-Type: image/jpeg
X-Timestamp: 1601637105.84973
Cache-Control: public, max-age=81908
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 105083
Expires: Thu, 08 Oct 2020 22:53:06 GMT

GET
H/1.1 200
OK does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 55 KB
56 KB 101ms
100ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/does-trumps-covid-19-test-result-portend-cyber-chaos-showcase_image-6-p-2951.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 14:51:51 GMT
X-Trans-Id: tx16d664eb5f2645bcb5f59-005f775d9adfw1
ETag: 0d6fe6ace891e98b18cd3ba3267e5631
Content-Type: image/jpeg
X-Timestamp: 1601650310.06619
Cache-Control: public, max-age=20856
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56676
Expires: Thu, 08 Oct 2020 05:55:34 GMT

GET
H/1.1 200
OK how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 181 KB
181 KB 104ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/how-phishing-readiness-test-goes-very-wrong-showcase_image-2-p-2948.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 25 Sep 2020 04:52:20 GMT
X-Trans-Id: txa105213ee56e48318e384-005f6ded52dfw1
ETag: c8071ae690780e25ca16788b46bbde47
Content-Type: image/jpeg
X-Timestamp: 1601009539.15592
Cache-Control: public, max-age=33223
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 185039
Expires: Thu, 08 Oct 2020 09:21:41 GMT

GET
H/1.1 200
OK encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/ 74 KB
74 KB 95ms
27ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com/encrypted-chat-apps-arent-replacing-darknet-markets-showcase_image-9-p-2949.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 25 Sep 2020 16:08:35 GMT
X-Trans-Id: tx8645d44c958041ef8f940-005f6e270bdfw1
ETag: ef6771654872051b61ce2794882f9976
Content-Type: image/jpeg
X-Timestamp: 1601050114.94117
Cache-Control: public, max-age=49003
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75593
Expires: Thu, 08 Oct 2020 13:44:41 GMT

GET
H/1.1 200
OK cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 38 KB
38 KB 155ms
91ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cyber-resilience-programs-are-so-critical-showcase_image-6-a-15119.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 06 Oct 2020 15:23:04 GMT
X-Trans-Id: tx4624e795a6fa42b38e744-005f7c9364dfw1
ETag: 3ac8b61fde3be4592d73fc8ce7929735
Content-Type: image/jpeg
X-Timestamp: 1601997783.65425
Cache-Control: public, max-age=48204
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38442
Expires: Thu, 08 Oct 2020 13:31:22 GMT

GET
H/1.1 200
OK managing-supply-chain-risks-showcase_image-8-a-15112.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 166 KB
166 KB 141ms
77ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/managing-supply-chain-risks-showcase_image-8-a-15112.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7e1cc6d5132f9127cc983d59dd19a4c1eff9d9acca35af073166c21792bbbaa2

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 05 Oct 2020 12:34:25 GMT
X-Trans-Id: tx1158cf0581634eb9930c1-005f7be208dfw1
ETag: 42f766af7f219591cb0ae5d0a44f9d5a
Content-Type: image/jpeg
X-Timestamp: 1601901264.43527
Cache-Control: public, max-age=81931
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 169853
Expires: Thu, 08 Oct 2020 22:53:29 GMT

GET
H/1.1 200
OK avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 51 KB
51 KB 89ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/avoiding-checklist-approach-to-privacy-showcase_image-4-a-15113.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 05 Oct 2020 14:49:06 GMT
X-Trans-Id: tx9f23da55c0864438a4fcd-005f7b419adfw1
ETag: fe41b41b1c77837430fc206978f50697
Content-Type: image/jpeg
X-Timestamp: 1601909345.39296
Cache-Control: public, max-age=40348
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51734
Expires: Thu, 08 Oct 2020 11:20:26 GMT

GET
H/1.1 200
OK dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 33 KB
33 KB 82ms
33ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/dealing-surge-disruptionware-attacks-showcase_image-6-a-14988.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 13:01:34 GMT
X-Trans-Id: tx074114e89e3045b1be6b3-005f77276bdfw1
ETag: 78f770757e95ad18a7c6246cc7cee5e4
Content-Type: image/jpeg
X-Timestamp: 1601643693.99462
Cache-Control: public, max-age=85016
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33488
Expires: Thu, 08 Oct 2020 23:44:54 GMT

GET
H/1.1 200
OK fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 57 KB
58 KB 72ms
48ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/fortify-comply-simplify-sensitive-data-security-privacy-using-file-centric-protect-first-approach-showcase_image-1-w-2725.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 29 Sep 2020 14:28:12 GMT
X-Trans-Id: tx44c78b95e3d149b6ae456-005f744fbadfw1
ETag: 6db56c2037c4d40328a6084ed205a66a
Content-Type: image/jpeg
X-Timestamp: 1601389691.56456
Cache-Control: public, max-age=61687
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58644
Expires: Thu, 08 Oct 2020 17:16:05 GMT

GET
H/1.1 200
OK back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 112 KB
112 KB 73ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/back-to-work-secure-biometric-integration-enhances-workplace-testing-solution-showcase_image-8-w-2727.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 30 Sep 2020 13:37:10 GMT
X-Trans-Id: tx883a8d1e202d4806aea9d-005f7d02efdfw1
ETag: 57694973ce45731e953ef93488770732
Content-Type: image/jpeg
X-Timestamp: 1601473029.49827
Cache-Control: public, max-age=79031
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 114203
Expires: Thu, 08 Oct 2020 22:05:09 GMT

GET
H/1.1 200
OK live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 125 KB
126 KB 74ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-pki-as-service-exploring-benefits-selecting-provider-showcase_image-3-w-2707.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 24 Sep 2020 20:19:32 GMT
X-Trans-Id: txf00ab0d9998f4bd190dce-005f6e785ddfw1
ETag: 873842addf99847a641636711296a739
Content-Type: image/jpeg
X-Timestamp: 1600978771.61231
Cache-Control: public, max-age=73836
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 128115
Expires: Thu, 08 Oct 2020 20:38:34 GMT

GET
H/1.1 200
OK executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 23 KB
24 KB 79ms
53ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/executive-spotlight-top-priorities-for-security-leaders-in-anz-showcase_image-6-w-2705.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 24 Sep 2020 19:25:08 GMT
X-Trans-Id: tx8888c67c9b614a1b820c4-005f75269fdfw1
ETag: 392ee5887a6d92c55ef3e14c0fa4fa7f
Content-Type: image/jpeg
X-Timestamp: 1600975507.73404
Cache-Control: public, max-age=33198
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 23754
Expires: Thu, 08 Oct 2020 09:21:16 GMT

GET
H/1.1 200
OK live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 80 KB
80 KB 47ms
46ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-identity-as-foundation-zero-trust-showcase_image-5-w-2634.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 24 Aug 2020 12:25:36 GMT
X-Trans-Id: tx1ecf6b6c891c48338f890-005f6af5a1dfw1
ETag: bc70b8f6afe433af2befe92c856f3e09
Content-Type: image/jpeg
X-Timestamp: 1598271935.40072
Cache-Control: public, max-age=24786
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 81837
Expires: Thu, 08 Oct 2020 07:01:04 GMT

GET
H/1.1 200
OK live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 104 KB
104 KB 47ms
25ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-securing-industrial-iot-showcase_image-4-w-2696.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 17 Sep 2020 17:25:13 GMT
X-Trans-Id: txfe43ba8eaa8546c799358-005f72efbcdfw1
ETag: f81c100c46830e943d5bdce9cf266a20
Content-Type: image/jpeg
X-Timestamp: 1600363512.81401
Cache-Control: public, max-age=60837
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 106360
Expires: Thu, 08 Oct 2020 17:01:55 GMT

GET
H/1.1 200
OK live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 121 KB
122 KB 43ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-using-nist-privacy-framework-to-solve-common-data-privacy-problems-showcase_image-9-w-2586.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 04 Aug 2020 22:45:43 GMT
X-Trans-Id: txdee9c04dd7ce485594f2e-005f41dba8dfw1
ETag: ab27bc89d9e9c2a2ce3051ed9bd4e68d
Content-Type: image/jpeg
X-Timestamp: 1596581142.67433
Cache-Control: public, max-age=55319
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 124345
Expires: Thu, 08 Oct 2020 15:29:57 GMT

GET
H/1.1 200
OK live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 88 KB
88 KB 42ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/live-webinar-m365-security-concerns-inside-out-showcase_image-6-w-2699.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 22 Sep 2020 01:39:35 GMT
X-Trans-Id: txd05e496bb9cc4a81bfaec-005f69595fdfw1
ETag: c61938ef5ee4ed6af124b4d21f871623
Content-Type: image/jpeg
X-Timestamp: 1600738774.69500
Cache-Control: public, max-age=55539
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 90130
Expires: Thu, 08 Oct 2020 15:33:37 GMT

GET
H/1.1 200
OK marianne-crowe-largeImage-5-a-1681.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 46 KB
46 KB 44ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/marianne-crowe-largeImage-5-a-1681.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5b380c4a76859fe62f528ec229ceb815554d35bb1048f66c5f8ce6cf9be6da2e

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 13 Jul 2016 20:44:13 GMT
X-Trans-Id: txd90e8de7d33e4c9cb9ebb-005f69ca6cdfw1
ETag: f8510b0c19281d892c2a8278bccc88cc
Content-Type: image/jpeg
X-Timestamp: 1468442652.80724
Cache-Control: public, max-age=46238
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46899
Expires: Thu, 08 Oct 2020 12:58:36 GMT

GET
H/1.1 200
OK sharon-finney-largeImage-1-a-441.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 40 KB
40 KB 43ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/sharon-finney-largeImage-1-a-441.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c9f06bf648ffbb3060fbb24ddac31eed6f29f4ad69a6f9298ef63d4f14eda680

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 01 Dec 2015 17:47:01 GMT
X-Trans-Id: tx2a66563f47814db989f19-005f547f2edfw1
ETag: 6aeb6e179b23fec3684fb938ef3f2d5b
Content-Type: image/jpeg
X-Timestamp: 1448992020.09407
Cache-Control: public, max-age=61715
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40896
Expires: Thu, 08 Oct 2020 17:16:33 GMT

GET
H/1.1 200
OK robert-mcmenomy-largeImage-8-a-1343.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 75 KB
75 KB 86ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/robert-mcmenomy-largeImage-8-a-1343.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1b6baabaa2bc3124ea0607b1922de7f143d3fb4db0b4cf56d255c21039427e65

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 31 Aug 2015 21:15:45 GMT
X-Trans-Id: txcdee17c89e1d44eca3146-005f6018d0dfw1
ETag: 133eeb95e67440b25dce610a7b23096a
Content-Type: image/jpeg
X-Timestamp: 1441055744.20957
Cache-Control: public, max-age=22094
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 76560
Expires: Thu, 08 Oct 2020 06:16:12 GMT

GET
H/1.1 200
OK jigar-kadakia-largeImage-6-a-1251.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 30 KB
30 KB 314ms
301ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/jigar-kadakia-largeImage-6-a-1251.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d2d992b7835d73786a8dec113fe9cf70b311ee2227fee0d177844415d7b8f2df

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 22 Apr 2015 16:43:14 GMT
X-Trans-Id: txb9a63bf311e44e319f0da-005f76ae41dfw1
ETag: 1351659c59d7091d207278e0dd00207d
Content-Type: image/jpeg
X-Timestamp: 1429720993.00851
Cache-Control: public, max-age=86337
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30740
Expires: Fri, 09 Oct 2020 00:06:55 GMT

GET
H/1.1 200
OK next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 250 KB
251 KB 32ms
27ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/next-gen-cybersecurity-new-tools-for-new-threats-pdf-10-w-6913.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 07 Oct 2020 14:22:16 GMT
X-Trans-Id: tx6be1af0721b6479780d76-005f7dd2badfw1
ETag: 11fcdef1366458916aa167457a312dac
Content-Type: image/jpeg
X-Timestamp: 1602080535.19059
Cache-Control: public, max-age=52290
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 256268
Expires: Thu, 08 Oct 2020 14:39:28 GMT

GET
H/1.1 200
OK new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 200 KB
200 KB 53ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-york-bank-achieves-cyber-risk-improvement-pdf-6-w-6897.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 05 Oct 2020 14:46:16 GMT
X-Trans-Id: tx2000d2e2f11647ef843d7-005f7b41d0dfw1
ETag: 8d43d4e38fec939207e83d3246def199
Content-Type: image/jpeg
X-Timestamp: 1601909175.13124
Cache-Control: public, max-age=43676
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 204323
Expires: Thu, 08 Oct 2020 12:15:54 GMT

GET
H/1.1 200
OK consumer-banking-preferences-through-covid-pandemic-logo-2-w-6894.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 46 KB
46 KB 80ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/consumer-banking-preferences-through-covid-pandemic-logo-2-w-6894.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0a57a6aff3d5c3cce3f4774062534577ec5e7173c5f3373f7078cd00f5fc8a3a

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 19:47:52 GMT
X-Trans-Id: tx555e2c5f82e44618aeef9-005f7bb0b3dfw1
ETag: a5cd8b93921b52da2e40a6f9b299f679
Content-Type: image/jpeg
X-Timestamp: 1601668071.45276
Cache-Control: public, max-age=68179
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 47129
Expires: Thu, 08 Oct 2020 19:04:17 GMT

GET
H/1.1 200
OK fraudsters-journey-fraud-in-ivr-logo-3-w-6896.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 27 KB
27 KB 82ms
74ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/fraudsters-journey-fraud-in-ivr-logo-3-w-6896.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0cd60b269ad9a0c52c290afe662d85b39d590fe7ea5b8ff35eb52b6d096256e7

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 20:06:08 GMT
X-Trans-Id: txcc487cf6b7cc4442870f9-005f7c68a2dfw1
ETag: 389ff9372091ff8f39dc22ccf0f300a4
Content-Type: image/jpeg
X-Timestamp: 1601669167.65869
Cache-Control: public, max-age=37380
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27616
Expires: Thu, 08 Oct 2020 10:30:58 GMT

GET
H/1.1 200
OK combatting-cybercrime-pdf-9-h-103.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 358 KB
358 KB 81ms
75ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/combatting-cybercrime-pdf-9-h-103.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 26 Nov 2019 19:37:47 GMT
X-Trans-Id: tx57bd17ac0a254c3396bf0-005e7bcc8bdfw1
ETag: 11a3adb400c0ff282a505428b1d7be73
Content-Type: image/jpeg
X-Timestamp: 1574797066.57975
Cache-Control: public, max-age=40333
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 366322
Expires: Thu, 08 Oct 2020 11:20:11 GMT

GET
H/1.1 200
OK top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 76 KB
77 KB 73ms
70ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/top-canadian-cyber-threats-expected-in-2020-logo-9-h-102.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 28 Oct 2019 13:57:45 GMT
X-Trans-Id: txcde842eefbe546ceacdd9-005e7bd903dfw1
ETag: 69913c61181f1fc9d730d6c8298e55c4
Content-Type: image/jpeg
X-Timestamp: 1572271064.63410
Cache-Control: public, max-age=70368
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 78320
Expires: Thu, 08 Oct 2020 19:40:46 GMT

GET
H/1.1 200
OK leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 197 KB
198 KB 75ms
73ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/leveraging-new-technologies-in-fraud-investigations-logo-7-h-101.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 15 Oct 2019 14:06:53 GMT
X-Trans-Id: tx9499045f7e1143bd938db-005e7c2408dfw1
ETag: e3e068e355cdbfaa15e88b627d7ebc55
Content-Type: image/jpeg
X-Timestamp: 1571148412.42493
Cache-Control: public, max-age=20558
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 202154
Expires: Thu, 08 Oct 2020 05:50:36 GMT

GET
H/1.1 200
OK collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/ 87 KB
88 KB 79ms
78ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com/collaboration-avoiding-operational-conflicts-taking-on-new-roles-logo-10-h-100.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 02 Oct 2019 13:41:41 GMT
X-Trans-Id: tx03a5dd64dd8e478e92d2c-005e7b806adfw1
ETag: 36c70127fa172aa8ce8cd235fddf4c97
Content-Type: image/jpeg
X-Timestamp: 1570023700.81183
Cache-Control: public, max-age=19053
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89481
Expires: Thu, 08 Oct 2020 05:25:31 GMT

GET
H/1.1 200
OK securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 83 KB
84 KB 31ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-distributed-workforce-survey-showcase_image-1-s-84.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 16 Sep 2020 20:37:30 GMT
X-Trans-Id: tx83544987d6c84c70b8c20-005f627afddfw1
ETag: 5694412cdb081e33be6760fae149e796
Content-Type: image/jpeg
X-Timestamp: 1600288649.09953
Cache-Control: public, max-age=80922
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 85143
Expires: Thu, 08 Oct 2020 22:36:40 GMT

GET
H/1.1 200
OK securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 78 KB
78 KB 28ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/securing-telemedicine-future-remote-healthcare-showcase_image-4-s-82.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 19 Jun 2020 20:27:30 GMT
X-Trans-Id: txb1d9408d6ae9401089f55-005f60328ddfw1
ETag: 277c051b9980d6d67e9279ed59b4b968
Content-Type: image/jpeg
X-Timestamp: 1592598449.94175
Cache-Control: public, max-age=17392
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79854
Expires: Thu, 08 Oct 2020 04:57:50 GMT

GET
H/1.1 200
OK managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 87 KB
87 KB 33ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/managing-identity-governance-data-breach-risks-todays-remote-workforce-showcase_image-7-s-80.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 24 Apr 2020 20:49:35 GMT
X-Trans-Id: tx5400218f950646a2861fe-005ea3519bdfw1
ETag: 798bc33a31e70aade019309a9fa16e27
Content-Type: image/jpeg
X-Timestamp: 1587761374.72132
Cache-Control: public, max-age=84985
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88866
Expires: Thu, 08 Oct 2020 23:44:23 GMT

GET
H/1.1 200
OK taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/ 95 KB
95 KB 35ms
32ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com/taking-pulse-government-cybersecurity-2020-showcase_image-4-s-77.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 23 Mar 2020 21:52:35 GMT
X-Trans-Id: tx76e0c19f15dc45bb8201e-005e7bbf0fdfw1
ETag: 4af1e925902f765709fbac19d76f9149
Content-Type: image/jpeg
X-Timestamp: 1585000354.21724
Cache-Control: public, max-age=76113
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97383
Expires: Thu, 08 Oct 2020 21:16:31 GMT

GET
H/1.1 200
OK new-email-security-imperative-pdf-7-w-6890.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 150 KB
150 KB 31ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/new-email-security-imperative-pdf-7-w-6890.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 02 Oct 2020 14:13:08 GMT
X-Trans-Id: tx2812e5002eaa4ffaaeb26-005f7736e1dfw1
ETag: 49c9f521b740371311f9dde51bbef8a7
Content-Type: image/jpeg
X-Timestamp: 1601647987.05571
Cache-Control: public, max-age=9710
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 153448
Expires: Thu, 08 Oct 2020 02:49:48 GMT

GET
H/1.1 200
OK virtual-cybersecurity-fraud-summit-chicago-showcase_image-9-e-298.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 72 KB
72 KB 30ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-fraud-summit-chicago-showcase_image-9-e-298.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 31d684108b61548ba747aac544e074fc2e13350fff72f0f07de2c9d705598948

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 23 Jul 2020 21:51:12 GMT
X-Trans-Id: tx0979cd9aa6da4ba2bdbd0-005f1a0cd5dfw1
ETag: dbef5856bcc89cb3818b0cf2b55ffb4f
Content-Type: image/jpeg
X-Timestamp: 1595541071.22507
Cache-Control: public, max-age=11947
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 73743
Expires: Thu, 08 Oct 2020 03:27:05 GMT

GET
H/1.1 200
OK virtual-cybersecurity-fraud-summit-london-showcase_image-3-e-305.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 74 KB
74 KB 31ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-fraud-summit-london-showcase_image-3-e-305.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5451c82ad4141875afd527395f72fb9150c139a72713ec999fa4bb40454dd06a

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 23 Jul 2020 21:52:19 GMT
X-Trans-Id: tx042f6a49195045a884226-005f72baa5dfw1
ETag: 0434dea675374ead494a940123fd073a
Content-Type: image/jpeg
X-Timestamp: 1595541138.04153
Cache-Control: public, max-age=33169
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 75371
Expires: Thu, 08 Oct 2020 09:20:47 GMT

GET
H/1.1 200
OK virtual-cybersecurity-summit-bengaluru-showcase_image-3-e-299.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 60 KB
60 KB 32ms
31ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-summit-bengaluru-showcase_image-3-e-299.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eab772a3cf0afc7491e9dd5d0abf33df5f4b43a54bf7c2d464ce03ffee35754e

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 23 Jul 2020 21:56:45 GMT
X-Trans-Id: txac979112c1224c9baca0c-005f1a0cd5dfw1
ETag: c277d2f74aaec3083a3cd1f79f8ff053
Content-Type: image/jpeg
X-Timestamp: 1595541404.44350
Cache-Control: public, max-age=38076
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61061
Expires: Thu, 08 Oct 2020 10:42:34 GMT

GET
H/1.1 200
OK virtual-cybersecurity-fraud-summit-seattle-showcase_image-10-e-300.jpg
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/ 61 KB
62 KB 27ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com/virtual-cybersecurity-fraud-summit-seattle-showcase_image-10-e-300.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dafe277be793f7c92f70acf012cba32d18b344b2b895629edf072b61ba3e16e0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 23 Jul 2020 21:57:32 GMT
X-Trans-Id: tx2ddb0fdfac6548a89c419-005f1a0cd5dfw1
ETag: 8654e46336a3a5448f6e3b7b6daee459
Content-Type: image/jpeg
X-Timestamp: 1595541451.30245
Cache-Control: public, max-age=19125
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62869
Expires: Thu, 08 Oct 2020 05:26:43 GMT

GET
H/1.1 200
OK redefining-mobile-security-and-works-showcase_image-7-w-2273.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 187 KB
187 KB 52ms
42ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/redefining-mobile-security-and-works-showcase_image-7-w-2273.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f5f24ffc5d931243a6e2818cac716ed061b7cf0065aead0b1ab77e8c2af890cb

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 16 Dec 2019 14:31:16 GMT
X-Trans-Id: txd40e8989a3ad4f4eacd55-005f16c92edfw1
ETag: 0361dfeccb1a59b88690bb5349e1ca4a
Content-Type: image/jpeg
X-Timestamp: 1576506675.18748
Cache-Control: public, max-age=21345
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 191395
Expires: Thu, 08 Oct 2020 06:03:43 GMT

GET
H/1.1 200
OK ethics-ml-ai-showcase_image-5-w-2274.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 172 KB
172 KB 40ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ethics-ml-ai-showcase_image-5-w-2274.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7bcd31cd48941d1287630c9f1f852616cf59a1d86e3456ebee40bb2ea9519e78

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 16 Dec 2019 14:40:21 GMT
X-Trans-Id: txa10fdce3137f4264b3f2d-005f144ec0dfw1
ETag: 3f868326180ec04482c8f7f7026be9ca
Content-Type: image/jpeg
X-Timestamp: 1576507220.38776
Cache-Control: public, max-age=68790
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 175715
Expires: Thu, 08 Oct 2020 19:14:28 GMT

GET
H/1.1 200
OK developing-cyber-resilient-systems-national-imperative-for-critical-systems-operating-in-hostile-cyber-space-showcase_image-3-w-2260.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 179 KB
180 KB 40ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/developing-cyber-resilient-systems-national-imperative-for-critical-systems-operating-in-hostile-cyber-space-showcase_image-3-w-2260.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5e2499d3798db90822314fc9ac000ec6fc02669dd40ccafd5a7a4c0a5429153e

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 04 Dec 2019 20:03:21 GMT
X-Trans-Id: tx181396a71bd1450f834c6-005f721b31dfw1
ETag: f79259091bb7d189682a5344dcd7358d
Content-Type: image/jpeg
X-Timestamp: 1575489800.87694
Cache-Control: public, max-age=66729
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 183523
Expires: Thu, 08 Oct 2020 18:40:07 GMT

GET
H/1.1 200
OK best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 158 KB
158 KB 46ms
42ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/best-practices-for-implementing-comprehensive-identity-governance-solution-showcase_image-7-w-2126.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 21 Aug 2019 16:07:31 GMT
X-Trans-Id: tx11c4ef2fb61844418cfd0-005e7d2056dfw1
ETag: ac5ec7485b98a4e425694526cac66c60
Content-Type: image/jpeg
X-Timestamp: 1566403650.23177
Cache-Control: public, max-age=73862
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 161648
Expires: Thu, 08 Oct 2020 20:39:00 GMT

GET
H/1.1 200
OK zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 135 KB
136 KB 78ms
48ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/zero-trust-approach-for-healthcare-showcase_image-4-w-2071.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 28 Jun 2019 20:21:33 GMT
X-Trans-Id: tx35e0a0b8ebf24f83afe47-005e7bd5acdfw1
ETag: dd5032aff4d05ed19b21dbe830b01316
Content-Type: image/jpeg
X-Timestamp: 1561753292.90767
Cache-Control: public, max-age=48631
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138422
Expires: Thu, 08 Oct 2020 13:38:29 GMT

GET
H/1.1 200
OK reducing-risk-now-showcase_image-7-w-2052.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 134 KB
134 KB 83ms
42ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/reducing-risk-now-showcase_image-7-w-2052.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 28 Jun 2019 20:15:01 GMT
X-Trans-Id: txc905275184f04b2daaf0c-005ec72368dfw1
ETag: 79f8120d6bfab756d31e5f38dbdd523c
Content-Type: image/jpeg
X-Timestamp: 1561752900.06505
Cache-Control: public, max-age=31744
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 136753
Expires: Thu, 08 Oct 2020 08:57:02 GMT

GET
H/1.1 200
OK increasing-your-cybersecurity-posture-value-partnering-healthcare-exclusive-mssp-showcase_image-7-w-2045.jpg
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/ 153 KB
154 KB 80ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com/increasing-your-cybersecurity-posture-value-partnering-healthcare-exclusive-mssp-showcase_image-7-w-2045.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3b4dcc216d84f51755dc2cae1b96e2c5f39a28352e1601f65f69d0e42600370a

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 28 Jun 2019 21:20:42 GMT
X-Trans-Id: tx9694b8d237304f718ce81-005f414380dfw1
ETag: 5e3afa124e2e37df4ab9093792a841aa
Content-Type: image/jpeg
X-Timestamp: 1561756841.42456
Cache-Control: public, max-age=77655
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 156921
Expires: Thu, 08 Oct 2020 21:42:13 GMT

GET
H/1.1 200
OK todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 69 KB
70 KB 86ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/todays-trends-in-e-commerce-fraud-showcase_image-4-a-13927.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 11 Mar 2020 18:40:32 GMT
X-Trans-Id: tx5c81c38e56f7462b919be-005eb74326dfw1
ETag: b710debdf96f2b48a22aa4a8f63dc7d4
Content-Type: image/jpeg
X-Timestamp: 1583952031.64606
Cache-Control: public, max-age=74916
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70886
Expires: Thu, 08 Oct 2020 20:56:34 GMT

GET
H/1.1 200
OK achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 54 KB
55 KB 101ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/achieving-true-predictive-security-analytics-showcase_image-2-a-13878.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 04 Mar 2020 21:51:00 GMT
X-Trans-Id: txc0c0c8197a784faaa7884-005eb36507dfw1
ETag: 3cd4bf863b88b9c29a24cef0ad690ce1
Content-Type: image/jpeg
X-Timestamp: 1583358659.31089
Cache-Control: public, max-age=84412
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55733
Expires: Thu, 08 Oct 2020 23:34:50 GMT

GET
H/1.1 200
OK tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 59 KB
59 KB 82ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/tackling-challenges-around-dwell-times-visibility-showcase_image-8-a-13884.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Thu, 05 Mar 2020 16:04:36 GMT
X-Trans-Id: txf9cf37298d7146e8b9716-005e7d0a94dfw1
ETag: f159c9867556eec8a5360d3493db29ad
Content-Type: image/jpeg
X-Timestamp: 1583424275.63523
Cache-Control: public, max-age=20623
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60191
Expires: Thu, 08 Oct 2020 05:51:41 GMT

GET
H/1.1 200
OK best-rsa-conference-2020-showcase_image-1-a-14011.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 100 KB
101 KB 49ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/best-rsa-conference-2020-showcase_image-1-a-14011.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Wed, 25 Mar 2020 19:33:42 GMT
X-Trans-Id: txd90fa594fdea49c9953bf-005e7bbf13dfw1
ETag: 5509cbbd99ddd348f3533b4b8f6a0da9
Content-Type: image/jpeg
X-Timestamp: 1585164821.83821
Cache-Control: public, max-age=75059
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 102596
Expires: Thu, 08 Oct 2020 20:58:57 GMT

GET
H/1.1 200
OK infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 89 KB
89 KB 83ms
63ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/infosec-europe-2019-compendium-imageFile-2-a-12739.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 05 Jul 2019 20:13:34 GMT
X-Trans-Id: tx9495434447024618b4cf5-005e7d08d4dfw1
ETag: f9dab7917669551bb50361c2dcd43aa7
Content-Type: image/jpeg
X-Timestamp: 1562357613.59432
Cache-Control: public, max-age=70446
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 91187
Expires: Thu, 08 Oct 2020 19:42:04 GMT

GET
H/1.1 200
OK improving-iot-risk-management-showcase_image-10-a-12689.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 60 KB
61 KB 56ms
31ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/improving-iot-risk-management-showcase_image-10-a-12689.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Fri, 28 Jun 2019 14:04:32 GMT
X-Trans-Id: tx7a65bc80513a430684935-005e7bcc8bdfw1
ETag: 7f5fdd9cf37f980ea13c12c231815e13
Content-Type: image/jpeg
X-Timestamp: 1561730671.53151
Cache-Control: public, max-age=71587
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61807
Expires: Thu, 08 Oct 2020 20:01:05 GMT

GET
H/1.1 200
OK gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 62 KB
62 KB 77ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/gdpr-where-do-we-go-from-here-showcase_image-1-a-12681.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 25 Jun 2019 19:30:48 GMT
X-Trans-Id: txe7bd16e3f9f540aab4c37-005e7d0eabdfw1
ETag: bba47bed092092a1c82b09a86a3a0e40
Content-Type: image/jpeg
X-Timestamp: 1561491047.60933
Cache-Control: public, max-age=9685
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63007
Expires: Thu, 08 Oct 2020 02:49:23 GMT

GET
H/1.1 200
OK reinventing-application-security-showcase_image-10-a-12671.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 53 KB
53 KB 67ms
38ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/reinventing-application-security-showcase_image-10-a-12671.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 25 Jun 2019 19:54:35 GMT
X-Trans-Id: tx45de8b22a2fc4b4c95bf9-005ef90048dfw1
ETag: 89521d60b07d7e85acabbf0301821f45
Content-Type: image/jpeg
X-Timestamp: 1561492474.52472
Cache-Control: public, max-age=10084
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 54026
Expires: Thu, 08 Oct 2020 02:56:02 GMT

GET
H/1.1 200
OK hacking-group-used-rare-uefi-bootkit-for-espionage-showcase_image-3-a-15120.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 93 KB
93 KB 56ms
26ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/hacking-group-used-rare-uefi-bootkit-for-espionage-showcase_image-3-a-15120.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 59efa44d6c82d28fdf18cf9d0ad8d3133a382d5edac48ebc17bdfa3597371fd0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 06 Oct 2020 16:52:10 GMT
X-Trans-Id: tx2f3d190574334f0f9dca3-005f7ca6a9dfw1
ETag: efdb8dfd507c9ffe7aa64a912ad051e3
Content-Type: image/jpeg
X-Timestamp: 1602003129.75335
Cache-Control: public, max-age=54011
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94752
Expires: Thu, 08 Oct 2020 15:08:09 GMT

GET
H/1.1 200
OK akshaya-asokan-largeImage-1-a-2924.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 49 KB
50 KB 75ms
49ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/akshaya-asokan-largeImage-1-a-2924.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cb041b77a824f7b0eea5b1d14ee5395f4ad561815d77bd1fa2ae2d7a88cd5a78

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 01 Oct 2019 16:03:49 GMT
X-Trans-Id: tx24aeab06fb0a47e39c585-005ef7ca3fdfw1
ETag: ed78ffdb7a718496e07fcc0336b9ed92
Content-Type: image/jpeg
X-Timestamp: 1569945828.12589
Cache-Control: public, max-age=43534
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50409
Expires: Thu, 08 Oct 2020 12:13:32 GMT

GET
H/1.1 200
OK industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 29 KB
30 KB 52ms
33ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/industry-cyber-exposure-report-deutsche-brse-prime-standard-320-logo-6-w-6651.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 25 Aug 2020 12:40:00 GMT
X-Trans-Id: txc72bc6bdc708479680033-005f481fa2dfw1
ETag: c269a684807714f19e2378971edcbe7e
Content-Type: image/jpeg
X-Timestamp: 1598359199.65461
Cache-Control: public, max-age=31362
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29916
Expires: Thu, 08 Oct 2020 08:50:40 GMT

GET
H/1.1 200
OK how-to-uplevel-your-defenses-security-analytics-pdf-3-w-6551.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 218 KB
219 KB 58ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/how-to-uplevel-your-defenses-security-analytics-pdf-3-w-6551.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f8926bcd2ffa7e82f08210092d7efe02938311ebacc02fbf0c519915baabc22b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Mon, 10 Aug 2020 15:53:50 GMT
X-Trans-Id: txd164fc4d28bc4e15bc87e-005f577f14dfw1
ETag: b79deff8926f5cbe088a30366f7af4a0
Content-Type: image/jpeg
X-Timestamp: 1597074829.29038
Cache-Control: public, max-age=83514
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 223577
Expires: Thu, 08 Oct 2020 23:19:52 GMT

GET
H/1.1 200
OK sans-effectively-addressing-advanced-threats-survey-logo-7-w-6367.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 54 KB
54 KB 86ms
38ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/sans-effectively-addressing-advanced-threats-survey-logo-7-w-6367.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e941b122b951ffc9b8bec72e34d81fd0ce3c9735379e51696b86656d19563fa0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Fri, 26 Jun 2020 15:10:03 GMT
X-Trans-Id: tx7304563aa6de4797a5196-005f201ca4dfw1
ETag: 9cc063f96ecc7262f1e105b5ca4c385f
Content-Type: image/jpeg
X-Timestamp: 1593184202.85546
Cache-Control: public, max-age=43158
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55206
Expires: Thu, 08 Oct 2020 12:07:17 GMT

GET
H/1.1 200
OK triton-20-future-ot-cyber-attacks-pdf-3-w-6353.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 145 KB
145 KB 79ms
41ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/triton-20-future-ot-cyber-attacks-pdf-3-w-6353.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: edae7b5af68901c8f29f976ba6d1b0973b793614bd1f009fde1da88b2f59e818

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Sun, 21 Jun 2020 20:58:50 GMT
X-Trans-Id: tx3f7cba12ba794d00b8ac6-005f77eba6dfw1
ETag: efcb4b0143bf86c00177b77cebe1e3c6
Content-Type: image/jpeg
X-Timestamp: 1592773129.66184
Cache-Control: public, max-age=12775
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 148120
Expires: Thu, 08 Oct 2020 03:40:54 GMT

GET
H/1.1 200
OK on-hunt-for-data-look-at-evolving-financial-crime-landscape-in-digital-age-pdf-7-w-6706.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 264 KB
264 KB 88ms
50ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/on-hunt-for-data-look-at-evolving-financial-crime-landscape-in-digital-age-pdf-7-w-6706.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 54d19370b3076cf29a9d07f91d058ee2480613599284195bfb8ebfedba70edbd

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Thu, 03 Sep 2020 20:10:05 GMT
X-Trans-Id: txfe65249076f04b178b8d9-005f684f06dfw1
ETag: 36f1517773bc49d3ac841b5641bbb7a9
Content-Type: image/jpeg
X-Timestamp: 1599163804.01512
Cache-Control: public, max-age=12660
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 270108
Expires: Thu, 08 Oct 2020 03:38:59 GMT

GET
H/1.1 200
OK managed-detection-response-mdr-buyers-guide-logo-1-w-6628.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 49 KB
49 KB 87ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/managed-detection-response-mdr-buyers-guide-logo-1-w-6628.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c00503b7b8b03c9865ea041f1cdc522127c49ee4a74428ce1af61abd1aa85e36

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Wed, 19 Aug 2020 21:30:02 GMT
X-Trans-Id: txc5d628c70ff44d769075c-005f7adc31dfw1
ETag: 225c3b6163852dbf9046589c58266300
Content-Type: image/jpeg
X-Timestamp: 1597872601.61264
Cache-Control: public, max-age=24837
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50152
Expires: Thu, 08 Oct 2020 07:01:56 GMT

GET
H/1.1 200
OK guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 45 KB
45 KB 121ms
57ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/guide-to-antivirus-av-replacement-what-you-need-to-know-before-replacing-your-current-av-solution-logo-10-w-6626.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Wed, 19 Aug 2020 21:11:06 GMT
X-Trans-Id: tx40a5b7c7bd44495c8692d-005f76c0b2dfw1
ETag: 679114384528324ea2227d657b04a2f6
Content-Type: image/jpeg
X-Timestamp: 1597871465.70176
Cache-Control: public, max-age=13499
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 46081
Expires: Thu, 08 Oct 2020 03:52:58 GMT

GET
H/1.1 200
OK cyber-threat-intelligence-demystified-showcase_image-6-a-14864.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 135 KB
135 KB 42ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/cyber-threat-intelligence-demystified-showcase_image-6-a-14864.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ff0d918852310a1443782dc8b409a9fa4c2a2e623127edb1bcbec6144284c03a

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Thu, 20 Aug 2020 20:04:59 GMT
X-Trans-Id: tx93e9b807ffb54c749830c-005f7d9ee3dfw1
ETag: 35d5480ab4a131c875418e560a1e9990
Content-Type: image/jpeg
X-Timestamp: 1597953898.69100
Cache-Control: public, max-age=38972
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138330
Expires: Thu, 08 Oct 2020 10:57:31 GMT

GET
H/1.1 200
OK ibm-x-force-threat-intelligence-index-2020-logo-2-w-6030.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 30 KB
30 KB 70ms
32ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ibm-x-force-threat-intelligence-index-2020-logo-2-w-6030.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 881bfe30076cdcfd103138701e77cef0346eaad968c6f0dd015f14cd05c5e07d

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 30 Mar 2020 15:36:28 GMT
X-Trans-Id: tx86477ca976aa4e36acc86-005f7d5d19dfw1
ETag: 7f34d270f92bc02cabcf16e2a82606c2
Content-Type: image/jpeg
X-Timestamp: 1585582587.15588
Cache-Control: public, max-age=21996
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 30379
Expires: Thu, 08 Oct 2020 06:14:35 GMT

GET
H/1.1 200
OK beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 134 KB
135 KB 40ms
39ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/beware-other-virus-spread-coronavirus-themed-malware-showcase_image-1-a-14110.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 13 Apr 2020 19:01:01 GMT
X-Trans-Id: tx595f49a055e64e2cb6ed9-005f0fe524dfw1
ETag: 80a930491aade24aa861bf009e0dd85a
Content-Type: image/jpeg
X-Timestamp: 1586804460.99060
Cache-Control: public, max-age=43654
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 137417
Expires: Thu, 08 Oct 2020 12:15:33 GMT

GET
H/1.1 200
OK 7-ways-to-take-cybersecurity-to-new-levels-pdf-7-w-6463.jpg
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 243 KB
243 KB 38ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/7-ways-to-take-cybersecurity-to-new-levels-pdf-7-w-6463.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4919e2adb5a10a0ac240f9bf62ade2264ce8bccebec66375e86ff4bab8d5a839

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Fri, 24 Jul 2020 20:18:06 GMT
X-Trans-Id: txb6a73b53d5044b988bb23-005f22e3f8dfw1
ETag: d78fdde93f3a6e91e4df17cf1d3ae8b5
Content-Type: image/jpeg
X-Timestamp: 1595621885.22163
Cache-Control: public, max-age=85383
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 248479
Expires: Thu, 08 Oct 2020 23:51:02 GMT

GET
H/1.1 200
OK navigating-cybercrime-landscape-showcase_image-2-a-14569.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 102 KB
103 KB 58ms
52ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/navigating-cybercrime-landscape-showcase_image-2-a-14569.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22f57d3a5f64d1fae93d50b093c11f8be9a911f27749f08cb77850354c16bbe3

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 06 Jul 2020 23:16:03 GMT
X-Trans-Id: txbc238cc1439a4b82b36b5-005f3bd0d2dfw1
ETag: 3a77159bc648f6b5b860d6c56aabae09
Content-Type: image/jpeg
X-Timestamp: 1594077362.54669
Cache-Control: public, max-age=46836
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104909
Expires: Thu, 08 Oct 2020 13:08:35 GMT

GET
H/1.1 200
OK fraud-without-borders-global-cybercrime-report-logo-3-w-6404.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 54 KB
54 KB 72ms
68ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/fraud-without-borders-global-cybercrime-report-logo-3-w-6404.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c73990a0dba345bf44d6e88f40837b046bbf668c89d70f1f41c085dbdc211eb

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Tue, 07 Jul 2020 01:42:25 GMT
X-Trans-Id: tx269671098de34f43b3d51-005f505450dfw1
ETag: fba71935cbfa1cebbf5699340bd01851
Content-Type: image/jpeg
X-Timestamp: 1594086144.48722
Cache-Control: public, max-age=18097
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55098
Expires: Thu, 08 Oct 2020 05:09:36 GMT

GET
H/1.1 200
OK rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/ 32 KB
33 KB 58ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com/rising-iot-botnets-shifting-ransomware-escalate-enterprise-risk-logo-6-w-6538.JPG
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 10 Aug 2020 12:58:15 GMT
X-Trans-Id: tx02ba270de942432e85a4b-005f4edf34dfw1
ETag: 98a6f32ee722ef9ef6e7a49b0ce67b33
Content-Type: image/jpeg
X-Timestamp: 1597064294.97123
Cache-Control: public, max-age=38910
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33013
Expires: Thu, 08 Oct 2020 10:56:29 GMT

GET
H/1.1 200
OK fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/ 175 KB
176 KB 40ms
36ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com/fileless-malware-injected-in-windows-error-reporting-service-showcase_image-4-a-15129.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Wed, 07 Oct 2020 14:50:10 GMT
X-Trans-Id: tx55dcce0ffc7d470a9ef75-005f7dd9c2dfw1
ETag: 704189cfe73c7b6ffdec234718868073
Content-Type: image/jpeg
X-Timestamp: 1602082209.21098
Cache-Control: public, max-age=54033
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 179403
Expires: Thu, 08 Oct 2020 15:08:32 GMT

GET
H/1.1 200
OK how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 135 KB
136 KB 31ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/how-virtual-cards-could-mitigate-merchant-fraud-risk-showcase_image-7-i-4771.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 28 Sep 2020 11:16:49 GMT
X-Trans-Id: tx4299325e6d00429bae3b3-005f71f268dfw1
ETag: 59f4054e0f5eb557f35b43cb5c23f4da
Content-Type: image/jpeg
X-Timestamp: 1601291808.41505
Cache-Control: public, max-age=58773
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 138381
Expires: Thu, 08 Oct 2020 16:27:32 GMT

GET
H/1.1 200
OK compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 47 KB
48 KB 40ms
35ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/compliance-2-new-health-data-regs-avoiding-pitfalls-showcase_image-3-i-4772.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 28 Sep 2020 19:18:45 GMT
X-Trans-Id: txa446a80ec8cb4c3ea60c8-005f7374efdfw1
ETag: 0d18f38785da0e60ede6f0c5e3a3b7dc
Content-Type: image/jpeg
X-Timestamp: 1601320724.58804
Cache-Control: public, max-age=78426
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48378
Expires: Thu, 08 Oct 2020 21:55:05 GMT

GET
H/1.1 200
OK achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 296 KB
297 KB 31ms
30ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/achieving-scalable-ddos-protection-managed-services-showcase_image-7-i-4770.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Mon, 28 Sep 2020 08:58:11 GMT
X-Trans-Id: tx3c070c00be6441da8fc0f-005f71ad44dfw1
ETag: 967ff914ef682251f7437acfc991b08e
Content-Type: image/jpeg
X-Timestamp: 1601283490.34956
Cache-Control: public, max-age=37365
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 303372
Expires: Thu, 08 Oct 2020 10:30:44 GMT

GET
H/1.1 200
OK 5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 76 KB
76 KB 83ms
29ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/5-key-features-ransomware-mitigation-showcase_image-10-i-4767.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Fri, 18 Sep 2020 08:00:26 GMT
X-Trans-Id: tx81632da14c8142909d3ab-005f72ebc0dfw1
ETag: d73e28c00d8ff31e68a27bcb41903a80
Content-Type: image/jpeg
X-Timestamp: 1600416025.41696
Cache-Control: public, max-age=49185
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 77659
Expires: Thu, 08 Oct 2020 13:47:44 GMT

GET
H/1.1 200
OK panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 328 KB
328 KB 50ms
28ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/panel-discussion-securing-digital-payments-showcase_image-1-i-4778.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Wed, 07 Oct 2020 11:26:31 GMT
X-Trans-Id: tx827ca893101c490aae6a5-005f7dc707dfw1
ETag: 949de5ffb26d1e0b307c9a374d046f9f
Content-Type: image/jpeg
X-Timestamp: 1602069990.05317
Cache-Control: public, max-age=49246
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335758
Expires: Thu, 08 Oct 2020 13:48:45 GMT

GET
H/1.1 200
OK analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/ 54 KB
55 KB 55ms
34ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com/analysis-chinese-database-exposure-cause-for-concern-showcase_image-1-i-4768.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Thu, 17 Sep 2020 15:11:01 GMT
X-Trans-Id: tx7722126afc924b38a6d2a-005f646b56dfw1
ETag: c9365fa2f3a8c737bd4c97ae7f7872d1
Content-Type: image/jpeg
X-Timestamp: 1600355460.96051
Cache-Control: public, max-age=32068
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 55503
Expires: Thu, 08 Oct 2020 09:02:27 GMT

GET
H/1.1 200
OK logo-ismg-with-text.png
www.databreachtoday.com/images-responsive/ 4 KB
4 KB 164ms
143ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.databreachtoday.com/images-responsive/logo-ismg-with-text.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4175

GET
H/1.1 200
OK logo-ismg-print.png
www.databreachtoday.com/images-responsive/ 5 KB
6 KB 163ms
142ms Image
image/png 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.databreachtoday.com/images-responsive/logo-ismg-print.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: image/png
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 5598

GET
H/1.1 200
OK ondemand-preview-w-255.jpg
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 56 KB
57 KB 1148ms
44ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:00 GMT
Last-Modified: Fri, 05 Jul 2013 12:55:26 GMT
X-Trans-Id: tx57bcf996db9b4c57b592d-005f7e52bddfw1
ETag: 7aece0902995efedc289b7c24037434b
Content-Type: image/jpeg
X-Timestamp: 1373028925.94439
Cache-Control: public, max-age=840
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57633
Expires: Thu, 08 Oct 2020 00:22:00 GMT

GET
H/1.1 200
OK ron-ross-smallImage-a-558.jpg
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ 10 KB
11 KB 74ms
63ms Image
image/jpeg 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com/ron-ross-smallImage-a-558.jpg
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Last-Modified: Fri, 01 Nov 2013 13:09:25 GMT
X-Trans-Id: tx171b8f70f76f44bbb4333-005eb36507dfw1
ETag: fac8c56390d084c4f1dfaa9b24a58c33
Content-Type: image/jpeg
X-Timestamp: 1383311364.81114
Cache-Control: public, max-age=9767
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10640
Expires: Thu, 08 Oct 2020 02:50:46 GMT

GET
H/1.1 404
Not Found modernizr.js
www.databreachtoday.com/javascripts-responsive/vendor/ 0
0 301ms
176ms Script
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/vendor/modernizr.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 00:07:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=63072000
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 52 KB
17 KB 174ms
42ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5628c46cbfbc4e87764f46abffd54f666dead37cbd81bcef2f453bceae37a865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "656 / 30 of 1000 / last-modified: 1602108813"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=21600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17588
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:07:58 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 39ms
33ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.min.js?s=1602115675.8957
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 539 KB
43 KB 212ms
83ms Script
application/javascript 2a00:1450:4001:81f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T626NZ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28e3a7e17bfadfbf229abfd4388f315bc81388d0e122a5559a1f77b8c056c7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:07:58 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44412
x-xss-protection: 0
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 08 Oct 2020 00:07:58 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 70ms
28ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.databreachtoday.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:23:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 107082
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9132
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:23:16 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 30ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.databreachtoday.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:26:31 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:16 GMT
server: sffe
age: 106887
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9016
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:26:31 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff
www.databreachtoday.com/css-responsive/fonts/ 43 KB
44 KB 153ms
148ms Font
application/font-woff 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/css-responsive/fonts/fontawesome-webfont.woff?v=4.2.0

Requested by

Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/css-responsive/vendor/font-awesome.min.css?s=1602115675.8957

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.databreachtoday.com
Referer: https://www.databreachtoday.com/css-responsive/vendor/font-awesome.min.css?s=1602115675.8957
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Last-Modified: Tue, 06 Oct 2020 18:59:03 GMT
Server: Apache
ETag: "ad90-5b1053146a730"
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/font-woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 44432

GET
H/1.1 200
OK main.js Show response
www.databreachtoday.com/javascripts-responsive/ 41 KB
10 KB 139ms
137ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/main.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 9721

GET
H/1.1 200
OK media-transcript-navigation.js Show response
www.databreachtoday.com/javascripts-responsive/ 26 KB
7 KB 137ms
136ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/media-transcript-navigation.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 6519

GET
H/1.1 200
OK bis-hdr.r1.js Show response
www.databreachtoday.com/javascripts-responsive/ 1 KB
840 B 136ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/bis-hdr.r1.js?s=1602115675.8957

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 455

GET
H/1.1 200
OK jquery.browser.js Show response
www.databreachtoday.com/javascripts-responsive/ 2 KB
1 KB 241ms
143ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/jquery.browser.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 1022

GET
H/1.1 200
OK jquery.prettyPhoto.js Show response
www.databreachtoday.com/javascripts-responsive/ 24 KB
7 KB 261ms
135ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/jquery.prettyPhoto.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:07:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6459

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.databreachtoday.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:51 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:49 GMT
server: sffe
age: 107107
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9180
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:51 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 53ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:07:59 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=46348
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H3-Q050 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 49ms
17ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.databreachtoday.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:22:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:27 GMT
server: sffe
age: 107136
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9080
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:22:23 GMT

GET
H3-Q050 200 pubads_impl_2020100201.js Show response
securepubads.g.doubleclick.net/gpt/ 271 KB
95 KB 33ms
31ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

sffe /

Resource Hash

1436c906c0691c6d7e77c015f3f454e1c3df917404c2b96171d5e7e899aa3c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:07:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Oct 2020 19:05:52 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97303
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:07:59 GMT

GET
H3-Q050 200 memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ 10 KB
10 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/memnYaGs126MiZpBA-UFUKWyV9hrIqOxjaPX.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.databreachtoday.com
Referer: https://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 18:28:03 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:28 GMT
server: sffe
age: 106796
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9744
x-xss-protection: 0
expires: Wed, 06 Oct 2021 18:28:03 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 119ms
36ms Script
application/x-javascript 104.109.95.62
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.95.62 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-95-62.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:01 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Sat, 16 Jan 2021 00:08:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 81ms
1ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.databreachtoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 112ms
0ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.databreachtoday.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 175 KB
17 KB 159ms
152ms XHR
text/plain 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=912223886131318&correlator=3731416737348495&output=ldjh&impl=fifs&eid=21066466%2C21067119%2C21066094&vrg=2020100201&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201008&iu_parts=4444691%2CDBT_TOP_728x90%2CDBT_MID_RB_300x250%2CDBT_MID_RB_2_300x250%2CDBT_MID_RB_3_300x250%2CDBT_MID_RB_300x600%2CDBT_MID_L_180x150%2CDBT_MID_R_180x150%2CDBT_MID2_L_180x150%2CDBT_MID2_R_180x150%2CDBT_TEXT_1%2CDBT_TEXT_2%2CDBT_BOTTOM_728x90%2CDBT_MID_728x90%2CDBT_Interstitial%2CDBT_TOP_320x50%2CDBT_BOTTOM_320x50%2CDBT_MID_320x50%2CDBT_CAT_LOGO&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12%2C%2F0%2F13%2C%2F0%2F14%2C%2F0%2F15%2C%2F0%2F16%2C%2F0%2F17%2C%2F0%2F18&prev_iu_szs=728x90%2C300x250%2C300x250%2C300x250%2C300x600%2C180x150%2C180x150%2C180x150%2C180x150%2C280x70%2C280x70%2C728x90%2C728x90%2C640x480%2C320x50%2C320x50%2C320x50%2C216x54&cust_params=category%3D%255B416%252C420%252C409%252C410%252C467%252C476%255D%26gated%3Dn&cookie_enabled=1&bc=31&abxe=1&lmt=1602115681&dt=1602115681297&dlt=1602115676093&idt=5007&frm=20&biw=1600&bih=1200&oid=3&adxs=615%2C1025%2C1025%2C-9%2C1010%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C-9%2C-12245933&adys=71%2C592%2C3415%2C-9%2C2106%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-12245933%2C-9%2C-9%2C-12245933&adks=3278784386%2C2977291722%2C3327481402%2C2602068264%2C993613247%2C3432865064%2C1680696679%2C2506343038%2C2484848859%2C1900808572%2C392546858%2C1235722975%2C288851561%2C1097209948%2C2986446788%2C3173543903%2C3361737753%2C1845465306&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf%7Cg%7Ch%7Ci&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&ref=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x&dssz=35&icsg=805306154&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=800x90%7C360x0%7C360x0%7C0x-1%7C390x595%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C780x4316&msz=770x90%7C360x250%7C360x250%7C0x-1%7C390x600%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x0%7C0x-1%7C0x-1%7C236x64&ga_vid=1978372140.1602115681&ga_sid=1602115681&ga_hid=1978436250&fws=0%2C0%2C0%2C2%2C0%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C128%2C2%2C2%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

ac4dd219d6f954f312bab43bbfbf0b5f7e3beacabdf91f8f9eabf091bdd22d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17167
x-xss-protection: 0
google-lineitem-id: 5374156995,5374156995,5374156995,-2,5374156995,-2,-2,-2,-2,-2,-2,5374156995,5374156995,5496550240,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319171942,138319171735,138319171654,-2,138318699869,-2,-2,-2,-2,-2,-2,138319171999,138318769521,138325569944,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.databreachtoday.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 123ms
7ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 36ms
33ms Other
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAFE 0
0 337ms
74ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvySNC5oqJiphJfQxUZkt6z_-drgkZMsoVBBtxKvzcV5g6LaOTo7Fz9FNf8g7QW1ItW2udypH_JTNHgh36Czmr99AtUs4cVGJNFC3F9VIchfb_00DonYcU7kj_d_hOEI2Dq_6wx2ipg2pslhWb4u2sBUeEsk52imqfA6fWwXDLjbn95DpVm3fri854ZQKEboPa0Yb9TkK8eUwnGuy_NJa0YlFcVJBJgscJPJBqsweOkUmPMzvS5JmfeSciPPzoevOAzC3GzDW9BD-3Ll34uOA&sig=Cg0ArKJSzM27eEWKS5k2EAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame CAFE 18 KB
7 KB 266ms
0ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame CAFE 3 KB
2 KB 731ms
395ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAFE 74 KB
28 KB 354ms
80ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CAFE 0
0 735ms
12ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCF4W4fa3zlWnxQRwfK5VbzbQNy4TNPCsHXSSKbjqD_r7xwmfouVZMBI9lysOlGIHtD3UqEjYJe3aigVMz2EFgjWl0Ow
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 17638677356327988379
tpc.googlesyndication.com/simgad/ Frame CAFE 48 KB
48 KB 714ms
225ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17638677356327988379

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5795a3b6a150bf86182b75712570fa67aad082a2f5398941c7176e7ca0eba98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:37:41 GMT
x-content-type-options: nosniff
age: 124221
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48945
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 13:30:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 13:37:41 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame EEFD 0
0 342ms
88ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuU5753VCYcfsBobxUMxsDKRkwCni7rSqnab5skUoP8D9yidhAtlAagM5dwlnl4BuPYzCYfH9rFV9M8THLZAtu95bSmPUxPMtw80pDqD8UAro5liSp99-g0GXEIBDfs8Ma8j1mLiCwtrSVpMUG7cqTIPQgqA4hTtmi63yxqLCsX7DxGso0LcLjKvJN0sFWg0_vEwnCX5lOpLavzh0zeTECWRLTgSwA7BI-2_qpg33gHWI3cG6Jkh_WLvexXcKr9d2s-RuhXigPZ254-0tZ6HZDmFgs&sig=Cg0ArKJSzJx61N_iVkBKEAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame EEFD 18 KB
7 KB 257ms
0ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame EEFD 3 KB
1 KB 722ms
280ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEFD 74 KB
28 KB 340ms
78ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame EEFD 0
0 732ms
6ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAOKEW2UyYBlGDT4GZFIvuCBD9slJYqVwGsif1Z59QkVTTX8-FFc8Hp9v8eco9l9E7i2bfazpYmXn5_BXR_HNr3EESMg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 4310601900027023515
tpc.googlesyndication.com/simgad/ Frame EEFD 128 KB
128 KB 727ms
23ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4310601900027023515

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8d8c8151d4624e30f5c12738ad9cf67b777eea8076d2f8c4a9d269297d6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:37:40 GMT
x-content-type-options: nosniff
age: 124222
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131060
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 13:30:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 13:37:40 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 566ms
0ms Script
text/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27576
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 192 KB
0 360ms
69ms Media
video/mp4 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 08 Oct 2020 00:08:02 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: tx33ca1088b5394e578f0fa-005f36b0c8dfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 0-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=891
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10621770
Expires: Thu, 08 Oct 2020 00:22:53 GMT

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 286ms
195ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602115682240&_mchCn=&_mchId=051-ZXI-237&_mchTk=_mch-databreachtoday.com-1602115682233-37830&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&_mchHo=www.databreachtoday.com&_mchPo=&_mchRu=%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x&_mchQp=rf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120__-__mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:02 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 50ca4bb1-51ea-4e61-a94c-4c40912746fb

GET
H/1.1 200
OK visitWebPage Show response
051-zxi-237.mktoresp.com/webevents/ 2 B
311 B 759ms
162ms XHR
text/plain 192.28.147.68
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://051-zxi-237.mktoresp.com/webevents/visitWebPage?_mchNc=1602115682240&_mchRu=%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26amp%3Bmkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&_mchQp=cat%3D416%26cat%3D420%26cat%3D409%26cat%3D410%26cat%3D467%26cat%3D476%26assetID%3D15120%26assetType%3Darticle%26key%3Dbootkit%26key%3Drootkit%26key%3Dmosaicregressor%26key%3Dunified%20extensible%20firmware%20interface.%20malware%20framework%26key%3Dkaspersky%26key%3D&_mchId=051-ZXI-237&_mchTk=_mch-databreachtoday.com-1602115682233-37830&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&_mchHo=www.databreachtoday.com&_mchPo=&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchRe=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.147.68 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 954b0c14-cbf1-44de-a1fd-f93ef2f8281f

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54F5 0
0 394ms
38ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdAAC5U4-IShSJBudH8zWcPDwWWDTyuy_cJmGCLByCpbioN6DdTBowW8MdddgFNy-7uIdsSj09P4C7jyKzS3oxmtB6wd78AJzvxU0j-EoACfi8YqI8oQHTvIYGZX-5cwFbJrwGD8I9PzrQqIqoWORHWfS9hhsMEwUrZmki_DsSLsQiLZ2b0PYC5pli3ssO6zZW95zijrHLRQni3c_0wDG5oLdoE032bQM_6mlwgI1i6RUNwnLxWJw5dhD_KAT7TZxVqfJCbMj1J0sSeCVQ8v0SP-FkdA&sig=Cg0ArKJSzBPMlAH5X4hBEAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 4310601900027023515
tpc.googlesyndication.com/simgad/ Frame 54F5 128 KB
128 KB 379ms
38ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4310601900027023515

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8d8c8151d4624e30f5c12738ad9cf67b777eea8076d2f8c4a9d269297d6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:37:40 GMT
x-content-type-options: nosniff
age: 124222
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131060
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 13:30:39 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 13:37:40 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame 54F5 18 KB
7 KB 352ms
36ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame 54F5 3 KB
1 KB 388ms
31ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 54F5 74 KB
28 KB 365ms
50ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2CD 0
0 392ms
39ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuHXFPgwdOPB0pUAJw2kn4GS_GbTPoDkCzuVF3dnfjxsIOr5Wns0prL4WfIVmO56Yk5j2lRYiqPmpONOeY3B986XYNTqZQZ8OVBUC8oT1fPQ54j2vnF8jL1vn3en32KpkYcFGJndw7Js4XLII_XWFFL5vED5l8DmNpqi_H1g6FG6qwTA7diaf1slcgv4oxMWvdlwmAP6jyoZBInzz9Zd1zsm7ltgEdl5EjTa0WfsNM7BhH-JJCElI-rARjZY565enznKhzoWNyHMh20sXymoWCu4A0&sig=Cg0ArKJSzPzx2qjI5H4kEAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame A2CD 18 KB
7 KB 349ms
33ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame A2CD 3 KB
1 KB 377ms
30ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2CD 74 KB
28 KB 360ms
42ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 11812545202973491268
tpc.googlesyndication.com/simgad/ Frame A2CD 163 KB
163 KB 406ms
57ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11812545202973491268

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

449b8de5fdb31aa0d32f64828022d6471a035dec5edbf66b0ea3a4ddf57fd9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:37:41 GMT
x-content-type-options: nosniff
age: 124221
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 167115
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 13:31:33 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 13:37:41 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE43 0
0 373ms
42ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssFZUCkD4WL1FLIJtSmwiIJu4riBwF-OYcz-jQzZBDbbMyjGPtbeLniMHc8aVFocxo-A2AY9Fwb0lioRz_MvuAvUFMPyRvg9ebuMBb9C6xBP0SXfh6t0vLPoOuT463fbkVnfogVjXjAdawaOr1p7wE2IcBKcW8AbXOPF2WJgYDMV74sXArxKzTq-fuQRmWpfS-pBvOKzewoeO3BmoBc20XAwbrzzVUXxWeD1C4MtSxWSIQm6_Q4W100KIws0jDYnpiJ--QF2zOPnHF4-PexUUM3fA&sig=Cg0ArKJSzP6iN6LAmriqEAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 17638677356327988379
tpc.googlesyndication.com/simgad/ Frame AE43 48 KB
48 KB 321ms
32ms Image
image/png 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17638677356327988379

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5795a3b6a150bf86182b75712570fa67aad082a2f5398941c7176e7ca0eba98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 13:37:41 GMT
x-content-type-options: nosniff
age: 124221
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48945
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 13:30:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 13:37:41 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame AE43 18 KB
7 KB 330ms
33ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame AE43 3 KB
1 KB 442ms
106ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame AE43 74 KB
28 KB 358ms
61ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4103 0
0 342ms
40ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWkEMtKTfrmNm4LiOWUzq7LwhT4pgsb-aPuHQYLS8sDkeaMX_8pOFq8t01q3dEAjGfwrYqr6DAKCc3AsOAxduNClq7j2yTzMs5a6sStGMGgZcS1p1wlfFLfE-hoZ47_yd6-9UkYCJigU3FR6M55nRfoyupJiAZlJnoJaKz4BetsDh3yQvLRvNLTo1_wAMeVsmyEsdgyb0RjbYPJpWrqr0bl8uofsKCIRkA6hNI5MVxeOZZsAdpzAjH9Ygu1t4DIbZaN4lyjwlgX9VShI4-GDsS&sig=Cg0ArKJSzP7IrLP8_2SFEAE&adurl=

Requested by

Host: links.ismgcorp.com
URL: http://links.ismgcorp.com/wXDIkcdZp00j0Y6y1020c0x

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:02 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/ Frame 4103 18 KB
7 KB 321ms
32ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19485
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 640591673917274331
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:17 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/ Frame 4103 3 KB
1 KB 438ms
102ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20201006/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 07 Oct 2020 18:43:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19490
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Oct 2020 18:43:12 GMT

GET
H3-Q050 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4103 74 KB
28 KB 346ms
55ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1602070835955383"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28872
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:02 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 4103 0
0 387ms
77ms Image
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBXS-_tTznxGpNWTG5xMgJFbS4PLjeLxc_e41biy3rtM15pFt_dxl94OwHvukxmx-_W9FsJXcIbFSSLEZ5FBsiXNIeVQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 18364637846577120327
tpc.googlesyndication.com/simgad/ Frame 4103 73 KB
73 KB 387ms
77ms Image
image/jpeg 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18364637846577120327

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 06 Oct 2020 11:08:49 GMT
x-content-type-options: nosniff
age: 133153
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75103
x-xss-protection: 0
last-modified: Mon, 05 Oct 2020 17:24:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Oct 2021 11:08:49 GMT

GET
H/1.1 200
OK embed.js Show response
bankinfosecurity.disqus.com/ 69 KB
23 KB 88ms
30ms Script
application/javascript 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bankinfosecurity.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

80b8c602f7a7befa1190e1d1a6b952c4ba741258490e8ed4abff5c5118f49b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Server: openresty
Age: 16
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 22862

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5663
date: Wed, 07 Oct 2020 22:33:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Thu, 08 Oct 2020 00:33:40 GMT

GET
H/1.1 200
OK tag.aspx Show response
ml314.com/ 26 KB
12 KB 45ms
42ms Script
application/javascript 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?892020
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:02 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Oct 2020 07:00:58 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=24774
Connection: keep-alive
Content-Length: 11933
Expires: Thu, 08 Oct 2020 07:00:58 GMT

GET
H/1.1 200
OK insight.min.js Show response
sjs.bizographics.com/ 965 B
761 B 19ms
17ms Script
application/x-javascript 2a02:26f0:2b00:7b2::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:2b00:7b2::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=27186
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 448

GET
H2 200 livechat.ashx Show response
chatserver.comm100.com/ 990 B
724 B 414ms
407ms Script
application/x-javascript 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:03 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store
cf-ray: 5deba00c1c151ea1-AMS
content-length: 515
cf-request-id: 05a7225b9200001ea1ba1a5200000001

GET
H/1.1 200
OK ajax.php Show response
www.databreachtoday.com/ 6 KB
1 KB 177ms
160ms XHR
text/html 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL: https://www.databreachtoday.com/ajax.php?json=twitterWidget
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/javascripts-responsive/vendor/jquery.min.js?s=1602115675.8957
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),
Reverse DNS
Software: Apache /
Resource Hash: 0f7f4d2f651985c8a3bde1936946f387afea5005b08dee440d2684a03b336da2

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4fd21f8a1294dd16/ 27 B
251 B 62ms
31ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4fd21f8a1294dd16/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=33, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 47
x-akamai-path-stats: [3:94145:56855],[1:4557:32443]

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 88 B
248 B 156ms
155ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f7e585e915b1c37&bkl=0&bl=1&pdt=350&sid=5f7e585e915b1c37&pub=ra-4fd21f8a1294dd16&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.bankinfosecurity.com&dr=links.ismgcorp.com&fp=hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120&fr=wXDIkcdZp00j0Y6y1020c0x&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=4&gen=100&chr=UTF-8&mk=Bootkit%2CRootkit%2CMosaicRegressor%2CUnified%20Extensible%20Firmware%20Interface.%20Malware%20framework%2CKaspersky&colc=1602115683584&jsl=1&uvs=5f7e585e2488a457000&skipb=1&callback=addthis.cbs.jsonp__6455184793511020
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e5044afbdaa92a7579b3dcea7f08d5a3da91e17d62cb56eaa999d5690faacf03

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Thu, 08 Oct 2020 00:08:03 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 88
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B3CF 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3381 0
0 29ms
25ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Thu, 08 Oct 2020 00:08:03 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame EEFD 0
21 B 39ms
35ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0hHdUnsXU562GS7mLKIrSxe_IFDERu4bSvg1yRjQi6Y2hh4u_j7XrZRF_9t28U43ppdcmKuFB1vn5BQF2zuV8bqQ6pd4zjLNFFbhqFLI29xaReU_cIuTekhJ6ikXD2lJijMDg_6FkrR8DM1z0ed0UdFQNayiEpbT5VkfiML0nNEXV9m-oU5cvb3LhkkvcUC-1EtudWjMgOqaxig2OBQcQKs_K6rxEJp-DgbJQquV2CsAvs3SGl9VkJKZVkfUFqojdPYmaZF85MnLuNoQdnaqWiE5kSA&sig=Cg0ArKJSzA3wmRENda5iEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EEFD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 96ded2078fff8b83b4115f22c881badceb583321b4b73bab993b5191cc6aeaea

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame CAFE 0
21 B 36ms
35ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuhF0XBJbudyRniyjMM2ePufk01vOGEVKTnA_Afh9Yh_90LhtnXT04WJynl1BOBfQSwTYCv4ruE1em56NzBn6BpxpqE3xYJrAzPyqKHo-DG_EmqOdhmcfzlOZ_fStb8LZL7uDomnTjItIK5aoAVWn-9LNpTUkxyn-Aa_zZU6nqCukmTSH2HppQbkbScvB108Reg5PUsWOCitu8RPbwweF_JlAR0D3q_MnMdiRi3kexay9nkyUbR9_Xn-W3PNODldSgnAf-FkHgEA6Oyo1cW1qQV&sig=Cg0ArKJSzMeXfN7PAgOkEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CAFE 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 916c8546cc6e77b71f3a24f1edb51ec20b85fcfec7c336f59c141287bce382be

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 54F5 0
21 B 34ms
33ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDZuUVUVO20LA8eGvwqJUN9G0nxAlHU_j0Cp8IDSstOoabxJakaJDXWWk-kyl6vFkC46ABigsC8FyyCJEGMPkAJQvsFTdwEdbqa1pz8CFEHVZbzXROWORKOupGAwPfGKVVHqBLdMaAN7ebQ3S4Qy2vXPdRFYnhMF1F1jC-i2CcVcgh3tMKCHxX7hwVq4hM7WkTi5x_pJzXKkgfs52348bfO7hPepOqoxC6LyqoW_PiVa4RAtfiUW3O6AWH2WqVTiWJYlJ8bqHpC4g4AelfICcKas3c5uht&sig=Cg0ArKJSzLQPrT8zTBenEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 54F5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 154ace4cddb84b0079c46a01b75e181299403170ee0d52d81d91e0059fe27734

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content ondemand-preview-w-255.mp4
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ 3 MB
0 54ms
53ms Media
video/mp4 2.18.233.88
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com/ondemand-preview-w-255.mp4
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.88 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-88.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=131072-

Response headers

Date: Thu, 08 Oct 2020 00:08:03 GMT
Last-Modified: Fri, 05 Jul 2013 12:56:36 GMT
X-Trans-Id: tx33ca1088b5394e578f0fa-005f36b0c8dfw1
ETag: e5d65b36cc2f1ee7de6cc53cd6609280
Content-Type: video/mp4
Content-Range: bytes 131072-10621769/10621770
X-Timestamp: 1373028995.98411
Cache-Control: public, max-age=890
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10490698
Expires: Thu, 08 Oct 2020 00:22:53 GMT

GET
H2 200 vhasETOF_normal.jpg
pbs.twimg.com/profile_images/1131855016766124032/ 2 KB
2 KB 39ms
8ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1131855016766124032/vhasETOF_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/4188) /

Resource Hash

baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
age: 569695
x-cache: HIT
status: 200
content-length: 1731
x-response-time: 122
surrogate-key: profile_images profile_images/bucket/2 profile_images/1131855016766124032
last-modified: Fri, 24 May 2019 09:28:39 GMT
server: ECS (fcn/4188)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 2f060b4aae2c10b5432ce0e020dad03d
accept-ranges: bytes

GET
H2 200 DROQd4rk_normal.jpg
pbs.twimg.com/profile_images/763152348713668608/ 2 KB
2 KB 39ms
9ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/763152348713668608/DROQd4rk_normal.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (fcn/40D1) /

Resource Hash

376e4423b6583305300535ebd351ad3e9824a5ebf485dfddf6261af4835792a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
age: 47268
x-cache: HIT
status: 200
content-length: 1959
x-response-time: 123
surrogate-key: profile_images profile_images/bucket/0 profile_images/763152348713668608
last-modified: Tue, 09 Aug 2016 23:15:53 GMT
server: ECS (fcn/40D1)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 932649ebb1cc0b9bf8bd2fb167eb8652
accept-ranges: bytes

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A2CD 0
21 B 35ms
34ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6FzfWaEama0OQwvMqe2AdXcOF7V7v_3UMoJQKn_aa5WVAgNxijlGevpGOoPEU1vv0_9ChKU6X_DDRtsFA1BF49EYYb4NqJwsAvNwpID87dYzWKSyOHk27ayE16ru-Iu2MPKeltK5PDeZAaf_XJkSK37XN0u7U73RRGczepQjq_c4clcQ-rX4-EOG9uT8im1rrsneTwDeW_YME9omgGNlnyHRFqQWx886UoRhMTK3LERy4DWa9BAjZlBr6zOt7qGCtqjSGI3YutPSrjZ99m01w1LL3eQ&sig=Cg0ArKJSzDShts_eZOCREAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A2CD 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06c80cb7a780bf73035c80f18ab0cd26274db964fe89126136f8c80690793543

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AE43 0
21 B 36ms
35ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7m2Qno1XfpqOtXQjVCFqqVUT0lSDzKF6NnmI5F0FIoRNwyMUKF2c0ReRK7gbkIWrIrq73s9g4NmQR_h_XNG59lfn7u6xQa_V0wyJ-pZAF7SW60nms8ZOvEVK3uE7pqPyvTenie_69FGU7XVodrZdZscylkBRdENHD76MrUDQlIX6JA2sHhgBbsINpY46yPDZb_3B8ojhHZi0Pcmh2zISBkBFdN-PzKZb9lFVHmzbAhPjVm1QjET04kFtPKcbrQZk6216h7rbie5yHv6p9GhKxQCqP&sig=Cg0ArKJSzPBQ_hnlG6OMEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AE43 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ae43eb66dbe6e443d5192f46f869ae1f53ba3baae717f917c4d6702fdf6b863c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4103 0
21 B 43ms
42ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyOrDHLTMFOl_YRIf-XQ-Y8FwWJYdBBTkl900HztdUVBxZZuRT74lit8Lp01UfjkQs3mI4RRfYslsoloqlj5AummpX-kelYcVHcxodSoRnRZ0R_u-xKTajeIFQNCt96ckn_5riG1XFOWFgRHFLLZqWAd-95PO4nYjWpPLZO2qT1TqV7oHEmby0YIKF2iFSeWwJMR9AjKzudLvAzXWDMfKCNsL8QDWDddA_wVZ9n83O3Ij7kMePGKW5h_6zX6X-5e05M9EAgYxBx3J9V6AWTisXZ8Q&sig=Cg0ArKJSzKSJJjuaw1K5EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
47 B 15ms
15ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1978436250&t=pageview&_s=1&dl=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&dr=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x&ul=en-us&de=UTF-8&dt=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1373663539&gjid=1619165932&cid=1978372140.1602115681&tid=UA-212197-28&_gid=1235425323.1602115684&_r=1&_slc=1&z=1226072406

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.databreachtoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
26 B 14ms
13ms XHR
text/plain 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&a=1978436250&t=pageview&_s=1&dl=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&dr=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x&ul=en-us&de=UTF-8&dt=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAjAAEABAAAAAC~&jid=45398214&gjid=643803547&cid=1978372140.1602115681&tid=UA-212197-36&_gid=1235425323.1602115684&_r=1&_slc=1&z=759821732

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.databreachtoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 7ms
6ms Image
image/gif 2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j86&a=1978436250&t=event&_s=2&dl=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&dr=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x&ul=en-us&de=UTF-8&dt=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=dailyemailupdates&ea=impression&el=&_u=IAjAAEABAAAAAC~&jid=&gjid=&cid=1978372140.1602115681&tid=UA-212197-28&_gid=1235425323.1602115684&z=1526156136

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Oct 2020 11:39:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 44936
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK insight.beta.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 12ms
11ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by: Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:04 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Sep 2020 22:01:48 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=37787
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1799

GET
H/1.1 200
OK utsync.ashx Show response
ml314.com/ 644 B
2 KB 39ms
37ms Script
application/javascript 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=57819&ct=js&pi=3613664492556648457&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&pv=1602115684171_o80tuy2ik&bl=en-us&cb=1252653&return=&ht=&d=&dc=&si=1602115666896_zq2l90bpq&cid=&s=1600x1200&rp=http%3A%2F%2Flinks.ismgcorp.com%2FwXDIkcdZp00j0Y6y1020c0x
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8807c74392aa1062c672116278269d6d7f5122255e6b32d234c01689e5056753

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 467
Expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ 20 B
482 B 174ms
173ms Script
application/javascript 34.202.64.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=892020
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.64.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-64-133.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:03 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 09 Oct 2020 00:08:04 GMT

GET
H2 200 lounge.d70637fa1c39d358d2553bf476f09a98.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 45ms
12ms Other
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.d70637fa1c39d358d2553bf476f09a98.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 185056
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 22103
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 20:15:50 GMT
server: cloudflare
etag: "5f7b7ef6-5657"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a7225f810000dfc361330200000001
accept-ranges: bytes
cf-ray: 5deba0126b8fdfc3-FRA
expires: Tue, 05 Oct 2021 20:43:43 GMT

GET
H2 200 common.bundle.e07f4f02bedd02259fb3f3e092970560.js
c.disquscdn.com/next/embed/ 0
88 KB 45ms
14ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e07f4f02bedd02259fb3f3e092970560.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3354466
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 89940
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Sun, 30 Aug 2020 04:13:44 GMT
server: cloudflare
etag: "5f4b2778-15f54"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a7225f810000dfc361331200000001
accept-ranges: bytes
cf-ray: 5deba0126b90dfc3-FRA
expires: Mon, 30 Aug 2021 04:20:17 GMT

GET
H2 200 lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js
c.disquscdn.com/next/embed/ 0
113 KB 55ms
23ms Other
application/javascript 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.e036f421f8b1b0c7a5e3f86da59ffb99.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 95975
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 115097
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 06 Oct 2020 21:17:56 GMT
server: cloudflare
etag: "5f7cdf04-1c199"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a7225f810000dfc361332200000001
accept-ranges: bytes
cf-ray: 5deba0126b91dfc3-FRA
expires: Wed, 06 Oct 2021 21:28:27 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
8 KB 74ms
17ms Other
application/javascript 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:04 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 36
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 7281
X-XSS-Protection: 1; mode=block

GET
H2 200 bundle.c1414569ae0d48cdd8c614158295e905.js Show response
vue.comm100.com/js/ Frame D8F8 1002 KB
243 KB 25ms
24ms Script
application/javascript 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Requested by: Host: chatserver.comm100.com
URL: https://chatserver.comm100.com/livechat.ashx?siteId=92035
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:04 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1357170
x-powered-by: ASP.NET
status: 200
content-length: 248284
cf-request-id: 05a7225fc600001ea1ba1d2200000001
last-modified: Tue, 22 Sep 2020 07:08:27 GMT
server: cloudflare
etag: "80a7d2baf90d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5deba012da391ea1-AMS

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
66 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-212197-36&cid=1978372140.1602115681&jid=45398214&gjid=643803547&_gid=1235425323.1602115684&_u=IAjAAEABAAAAAC~&z=1822490000

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 08 Oct 2020 00:08:04 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.databreachtoday.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame 7D85 0
0 282ms
163ms Document
text/html 151.101.64.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=bankinfosecurity&t_u=https%3A%2F%2Fwww.bankinfosecurity.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120&t_d=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&t_t=Hacking%20Group%20Used%20Rare%20UEFI%20Bootkit%20for%20Espionage&s_o=default

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Response headers

Connection: keep-alive
Content-Length: 2731
Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 06 Oct 2020 17:09:56 GMT
ETag: W/"lounge:view:8229043003.1f68e44330adc9253ae2bda30fc0ce9b.2"
Content-Encoding: gzip
Date: Thu, 08 Oct 2020 00:08:04 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_EN...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D749%26time%3D1602115684839%26url%3Dhttps%253A%252F%252Fwww.databreachtoday.com%25...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_EN...

0
244 B

218ms
208ms

Image
application/javascript

2a05:f500:10:101::b93f:9105
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&liSync=true
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9105 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:05 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-efr5
x-li-source-fabric: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: LmACOLrbOxYgmVu3DSsAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
status: 302
content-length: 0
x-li-uuid: YXnzL7rbOxYAh7L1rioAAA==
pragma: no-cache
x-li-pop: afd-prod-edc2
x-msedge-ref: Ref A: 9653538A5EC440D4A466AECD7112B81E Ref B: FRAEDGE0920 Ref C: 2020-10-08T00:08:05Z
x-frame-options: sameorigin
date: Thu, 08 Oct 2020 00:08:04 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=2592000
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=749&time=1602115684839&url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&liSync=true
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/
Redirect Chain

https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3613664492556648457&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613664492556648457&redir=

42 B
915 B

141ms
42ms

Image
image/gif

52.30.78.155
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613664492556648457&redir=

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v081-0d5a9baf4.edge-irl1.demdex.com 5.78.0.20200908113611 0ms (+2ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: BCYcPnPbT+8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: jDznsE3DRYc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3613664492556648457&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://idsync.rlcdn.com/395886.gif?partner_uid=3613664492556648457
https://ml314.com/csync.ashx?fp=&person_id=3613664492556648457&eid=50082

43 B
312 B

138ms
40ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=&person_id=3613664492556648457&eid=50082
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 20:08:05 GMT

Redirect headers

date: Thu, 08 Oct 2020 00:08:04 GMT
via: 1.1 google
status: 307
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=&person_id=3613664492556648457&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

utsync.ashx
ml314.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b3860302-19ca-4aaa-af8b-edd6dda7cb18

43 B
1 KB

82ms
53ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b3860302-19ca-4aaa-af8b-edd6dda7cb18
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Oct 2020 00:08:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 08 Oct 2020 20:08:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ml314.com/utsync.ashx?eid=53819&et=0&fp=b3860302-19ca-4aaa-af8b-edd6dda7cb18
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 199

GET
H/1.1

200
OK

csync.ashx
ml314.com/
Redirect Chain

https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613664492556648457
https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3613664492556648457
https://ml314.com/csync.ashx?fp=f42f5bd5a7493833c9b3cb9081482f91&eid=50146&person_id=3613664492556648457

43 B
312 B

70ms
49ms

Image
image/gif

34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=f42f5bd5a7493833c9b3cb9081482f91&eid=50146&person_id=3613664492556648457
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:04 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/gif
Cache-Control: private
Connection: keep-alive
Content-Length: 43
Expires: Thu, 08 Oct 2020 20:08:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
status: 302
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://ml314.com/csync.ashx?fp=f42f5bd5a7493833c9b3cb9081482f91&eid=50146&person_id=3613664492556648457
cache-control: no-cache
x-server: 10.45.29.27
content-length: 0
expires: 0

GET
H/1.1

200
OK

/
ps.eyeota.net/pixel/bounce/
Redirect Chain

https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif

0
344 B

125ms
27ms

Image
text/plain

3.121.27.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:05 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /pixel/bounce/?pid=r8hrb20&t=gif
Date: Thu, 08 Oct 2020 00:08:04 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame D8F8 996 B
967 B 248ms
174ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 00:08:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 548
cf-request-id: 05a72262e000001ea1ba202200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.databreachtoday.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5deba017cece1ea1-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame EEFD 42 B
107 B 75ms
30ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssdW9m5RFYRdSaI9woRZgJddnpiTKXBQeyD82DpTeprl4MzQfmIR3oogjdYpqDT4H521G8mfJpZqMAq_Q6R9QLXcIPmRpw2S4Avnw-W23k&sig=Cg0ArKJSzJQe2Wh-KpHiEAE&adk=2977291722&tt=-1&bs=1600%2C1200&mtos=1095,1095,1095,1095,1095&tos=1095,0,0,0,0&p=592,1040,842,1340&postrxl=1&mcvt=1095&rs=0&ht=0&tfs=410&tls=1505&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=12&niot_cbk=400&md=2&btr=0&cpmav=0&lm=2&rst=1602115682104&dlt&rpt=1953&isd=0&msd=0&xdi=0&ps=1600%2C5752&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-10-5-5-0-0-0&tvt=1497&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&r=v&id=osdim&vs=4&uc=6&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20201007

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame CAFE 42 B
107 B 109ms
56ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-WIl3wWxysmZKtdFSbQoe_xWZfd45N_nTrpZHP3qv4WtpA0CePfjoZFc7miqqlBIRsU02LheHSLNe3_iGJGLYsnjhLGxvFtClAgWXxwU&sig=Cg0ArKJSzCSWp4qWsmxhEAE&adk=3278784386&tt=-1&bs=1600%2C1200&mtos=1084,1084,1084,1084,1084&tos=1084,0,0,0,0&p=71,636,161,1364&postrxl=1&mcvt=1084&rs=0&ht=0&tfs=359&tls=1443&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=4&niot_cbk=337&md=2&btr=0&cpmav=0&lm=2&rst=1602115682088&dlt&rpt=2006&isd=0&msd=0&xdi=0&ps=1600%2C5752&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-6-4-5-5-0-0-0&tvt=1441&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&r=v&id=osdim&vs=4&uc=6&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20201007

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 visitor.ashx Show response
chatserver3.comm100.com/ Frame D8F8 1 KB
1003 B 238ms
238ms XHR
text/json 104.20.4.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/visitor.ashx?siteId=92035
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.4.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4ce784edc49071e31cc9e5593c2f219d3536c79e75dc42cf569a91ade8270cc1

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 08 Oct 2020 00:08:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"
status: 200
content-length: 823
cf-request-id: 05a722642500001ea1ba213200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/json; charset=utf-8
access-control-allow-origin: https://www.databreachtoday.com
cache-control: private
access-control-allow-credentials: true
cf-ray: 5deba019d8c71ea1-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H/1.1 200
OK bis-hdr.desktop.r2.js Show response
www.databreachtoday.com/javascripts-responsive/ 2 KB
979 B 143ms
142ms Script
application/javascript 50.56.167.254
RMH-14

General

Check archive.org

Show headers Download Go to

Full URL

https://www.databreachtoday.com/javascripts-responsive/bis-hdr.desktop.r2.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

50.56.167.254 San Antonio, United States, ASN33070 (RMH-14, US),

Reverse DNS

Software

Apache /

Resource Hash

a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:05 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Type: application/javascript
Cache-Control: max-age=86400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Content-Length: 595

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 21ms
19ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020100201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3f5de54b9d7070d96f4f7685deb4c4de71af5520816e5a2f0cd99df90ff322c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 08 Oct 2020 00:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4103 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2e63238ed328d2ff5326c83cbef9f146c46498b05d786d057522f3cd9c0fe11a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 123ms
41ms Script
application/javascript 178.79.227.76
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T626NZ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.227.76 , Italy, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-227-76.vie.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:05 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 102301
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1044
x-llid: 9b9cc85520e94b2c7869a4a0f4b85c4c

GET
H2

204

64ead273d1f41aa7
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/64ead273d1f41aa7
https://pixel.sitescout.com/iap/64ead273d1f41aa7

0
191 B

232ms
25ms

Image
text/plain

66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/64ead273d1f41aa7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
cache-control: max-age=0,no-cache,no-store
expires: Tue, 11 Oct 1977 12:34:56 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"

Redirect headers

status: 301
content-length: 0
location: https://pixel.sitescout.com/iap/64ead273d1f41aa7

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 106ms
43ms Script
text/javascript 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020100201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1601061966610483"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6293
x-xss-protection: 0
expires: Thu, 08 Oct 2020 00:08:05 GMT

GET
H2 200 campaign.ashx Show response
chatserver3.comm100.com/ Frame D8F8 6 KB
3 KB 382ms
148ms XHR
text/json 104.20.5.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://chatserver3.comm100.com/campaign.ashx?siteId=92035&campaignId=1275&lastUpdateTime=75567E86D28614B61879350BF24B10CF3D5F2F97D558627059BACCEACEA691D0
Requested by: Host: vue.comm100.com
URL: https://vue.comm100.com/js/bundle.c1414569ae0d48cdd8c614158295e905.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.5.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:06 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
status: 200
content-length: 2617
cf-request-id: 05a722664000001fe65b859200000001
x-robots-tag: noindex, nofollow
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 5deba01d3b9d1fe6-AMS
access-control-allow-headers: Content-type,api-key,Authorization,X-Requested-With

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/217/ Frame 28D9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/217/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/217/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Wed, 07 Oct 2020 23:00:52 GMT
expires: Thu, 07 Oct 2021 23:00:52 GMT
last-modified: Mon, 21 Sep 2020 23:28:38 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4034
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 2A0B 0
0 27ms
27ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.databreachtoday.com
URL: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

:method: GET
:authority: pixel.sitescout.com
:scheme: https
:path: /dmp/asyncPixelSync
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9

Response headers

status: 204
cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Thu, 08 Oct 2020 00:08:06 GMT
server: AC1.1

GET
H2 200 dabbb58b17f5118e
pixel.sitescout.com/up/ 43 B
267 B 25ms
25ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/dabbb58b17f5118e?cntr_url=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:05 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
status: 200
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4103 42 B
65 B 53ms
47ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstUsDKpaOHMbbOfGg6sBUN3XvMRnSIRnZvrV5VS_XvCuPiFSz_7idjRzHhndyfk-xS4yKnJeMXEqXd0swrsSHGd7G9tXQX2Q35QqEx70pY&sig=Cg0ArKJSzAQCcdpL3aIyEAE&adk=1097209948&tt=-1&bs=1600%2C1200&mtos=1054,1054,1054,1054,1054&tos=1054,0,0,0,0&p=181,480,661,1120&postrxl=1&mcvt=1054&rs=0&ht=0&tfs=1824&tls=2878&mc=1&lte=-1&bas=0&bac=0&met=mue&la=1&avms=nio&niot_obs=6&niot_cbk=215&md=2&btr=0&cpmav=0&lm=2&rst=1602115682653&dlt&rpt=1657&isd=0&msd=0&xdi=0&ps=1600%2C5752&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-17-5-16-16-0-0-0&tvt=2874&is=640%2C480&iframe_loc=https%3A%2F%2Fwww.databreachtoday.com%2Fhacking-group-used-rare-uefi-bootkit-for-espionage-a-15120%3Frf%3D2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120%26mkt_tok%3DeyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9&r=v&id=osdim&vs=4&uc=17&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=640x480&itpl=3&v=20201007

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 621B 337 B
686 B 13ms
6ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21052212
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a7226ec50000dfc361004200000001
accept-ranges: bytes
cf-ray: 5deba02adb69dfc3-FRA
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 5973 337 B
334 B 30ms
13ms Stylesheet
text/css 2606:4700::6812:a813
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: bankinfosecurity.disqus.com
URL: https://bankinfosecurity.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a813 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 08 Oct 2020 00:08:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 21052212
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 244
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 04 Feb 2020 01:14:10 GMT
server: cloudflare
etag: "5e38c562-f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
cf-request-id: 05a7226f060000dfc361006200000001
accept-ranges: bytes
cf-ray: 5deba02b3bc4dfc3-FRA
expires: Thu, 04 Feb 2021 13:19:18 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 49ms
40ms Image
image/gif 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=217&t=2&li=gpt_2020100201&jk=912223886131318&bg=!PT6lPh7NAAWYAzhQmFg8EODFRtTNlAIAAAKYUgAAADsKAW7GxVijIiUbzGO-jFvkPvfHtVfD8vlFU2lwAnPoYQ4jJx3vK9TQbUhVkDwMOkZgjT5jeHUtARI7UmbIjDPahEnkF6xwle5n3O9e7GuKh-ZZ1m-qj1Gc-qP3onE4vTZkQlRvyiCQSfZdFwVKzvix22qZoDYZSq5ai1agNk79uEYDtT4rMKPX2qaz6_vdPGJ6sr9hsvKW5TFGN4dStXjd08EGvq-4M0fZxAFTICVMPV7Ibg8LpqVeRjE0Ls3WOTT7pyISrv30GF9np3l3bVUntzjEkhVBrSNtO-Pl7QwtBFbxXigxuCEm9pZqPP1v3cz7rWzU3Hgm-TYYJKeeFcs84yzqjGM-YUrDV8w5-qnqZ3CiZ5muDDVunBJt1NpOKP39C32ouWTh6OHVPsHSZ_ZPmDAFZQPgzdNUNCADonoTrJLZUKXR5TjaUbbfvcfIzp8fgFL7AHllfYIHSlt8dTszC6ZZhtfsR8hBEWP3169u5A-ZAbBfPuDh01e2dEARUwDxbuwV8csWmirkMxYPkdstM3jJD6j_lo_kOiZ_eLOHZCl0hXnn15OKmB1_LQdcvkH1WM9IM7Gsa7p-sQo2Gqe2aOnAw19MUKicfc7XU6Z2sHBwJNTn5vn-p-z8mtg4yA5KlsmUg7bBTc_-D0Ifv4TjPNxKHOLawoXZYchlKZC3nesDJXPgMg1zZeL_vcnQ_RaWOW6Iu-ePMdLY6AKDSLBzuaeuTmTWD_U83Ju1INiCces7LH2MyAS-RxERf8Z9thDPmD52fE9I9_rKR8CSrLbXPjicNBTDZfYajdW8bJT7i9u4JDWxDFBBlRVB1TfHhJ-5mcdsbHmBc-im6pTlaDoy50QUvy7uVjuywFYtp9Rr4jI-GSjnptrk0u89N9loOGslh93s0Q71YiDAqSZr6ClsBE8MBIblHxiEtBFUZEMbLMLCyz2vGVrqLqa05d8Juy1ONmtkJTtH_gWP0eDM_0uLWlF5sL5bZnsW_ULq8zYFEnUW8agR_bQmWD7NjGCgAVeHRpOzpZDIrIFsZkBRrj8FTCNsli-KIs1hwAZqnyu_zDsUNwg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Oct 2020 00:08:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK imsync.ashx Show response
ml314.com/ 17 B
427 B 36ms
36ms Script
text/html 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/imsync.ashx?pi=3613664492556648457&data=eyJwaCI6NTczMCwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNjAyMTE1Njg0MTcxX284MHR1eTJpayIsInNkIjoxMjAwfQ%3D%3D
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?892020
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

Referer: https://www.databreachtoday.com/hacking-group-used-rare-uefi-bootkit-for-espionage-a-15120?rf=2020-10-07_ENEWS_ACQ_DBT__Slot9_ART15120&mkt_tok=eyJpIjoiWkdJMFptRTBOekl3TXpreiIsInQiOiJtQzNLSFRyUUtFY1k3bkJBTkNOWDdtZXI2SFNqQ3VpQU5lem1Ja3M5T05DUzBkK0ltTWI2VFhzXC8yMytvRk8zUUJ4RnprWXNaZ0hEOTBKdlJ0ZTFNOXpFK0VBXC9PczFaOTdoR3ZPSTllNnpEQjU0OE5INzRLT2JLXC9sT3BVcklTOU9oc0RZc28wRG9HYjNBZDBtNG9jdXc9PSJ9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 08 Oct 2020 00:08:18 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Connection: keep-alive
Content-Length: 135

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.databreachtoday.com
URL: https://www.databreachtoday.com/javascripts-responsive/vendor/tinymce.min.js?s=1602115675.8957

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.addthis.com/	1970-01-19 22:32:13	Name: loc Value: MDAwMDBFVU5MTkIyMzE3MTg1NjAwMDAwMDBDSA==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 051-ZXI-237 [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0267f973c7f511eda6a4-193e28812cee85d6e20ea22afb83e185.ssl.cf1.rackcdn.com
051-zxi-237.mktoresp.com
130e178e8f8ba617604b-8aedd782b7d22cfe0d1146da69a52436.ssl.cf1.rackcdn.com
21aaef15263171502b5a-3fc6a64a094676b060fa7dc8c4490be9.ssl.cf1.rackcdn.com
4a7efb2d53317100f611-1d7064c4f7b6de25658a4199efb34975.ssl.cf1.rackcdn.com
6d63d49ccb7c52435540-5070aa97eaa2b8df4eb5a91600e69901.ssl.cf1.rackcdn.com
752b069ec945bee67d86-1021436e05aad7b2347bf3096cc7e309.ssl.cf1.rackcdn.com
75d03c5f1bfbbbb9cc13-369a671ebb934b49b239e372822005c5.ssl.cf1.rackcdn.com
a07eecf948766f3b478132bbbeedf0f6.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
bankinfosecurity.disqus.com
c.disquscdn.com
cdn01.basis.net
chatserver.comm100.com
chatserver3.comm100.com
dbac8a2e962120c65098-4d6abce208e5e17c2085b466b98c2083.ssl.cf1.rackcdn.com
disqus.com
dpm.demdex.net
f5bd7c2823d8d0533dcb-62d55445ed2ff88556926faa498f48fa.ssl.cf1.rackcdn.com
fa94d5c47256403c613d-7164cafcaac68bfd3318486ab257f999.ssl.cf1.rackcdn.com
fonts.googleapis.com
fonts.gstatic.com
idsync.rlcdn.com
in.ml314.com
links.ismgcorp.com
m.addthis.com
match.adsrvr.org
ml314.com
munchkin.marketo.net
pagead2.googlesyndication.com
pbs.twimg.com
pixel-a.basis.net
pixel.sitescout.com
ps.eyeota.net
px.ads.linkedin.com
s7.addthis.com
securepubads.g.doubleclick.net
sjs.bizographics.com
snap.licdn.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tpc.googlesyndication.com
v1.addthisedge.com
vue.comm100.com
www.databreachtoday.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
z.moatads.com
s7.addthis.com
www.databreachtoday.com
104.109.95.62
104.20.4.43
104.20.5.43
151.101.112.134
151.101.64.134
172.217.16.194
178.79.227.76
192.28.147.68
199.15.215.8
2.18.233.88
2.18.235.40
23.210.248.44
2606:2800:134:1a0d:1429:742:782:b6
2606:4700::6812:a813
2620:1ec:21::14
2a00:1450:4001:80b::2003
2a00:1450:4001:815::2002
2a00:1450:4001:81b::2001
2a00:1450:4001:81c::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2008
2a00:1450:4001:81f::200e
2a00:1450:4001:825::2001
2a00:1450:4001:825::200a
2a00:1450:400c:c06::9d
2a02:26f0:2b00:7b2::3adf
2a02:26f0:6c00:296::25ea
2a05:f500:10:101::b93f:9105
3.121.27.153
34.120.207.148
34.202.64.133
34.249.122.179
50.56.167.254
52.30.78.155
52.49.190.28
54.229.91.186
66.155.71.149
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04d304d7ee49ac157f146382a46f02a666279bd7f29074f50e863b88f2affae9
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06c80cb7a780bf73035c80f18ab0cd26274db964fe89126136f8c80690793543
073ce3168634ada329dac67b06abf8e481474d636b512e6b558cc779d00e8fab
0a57a6aff3d5c3cce3f4774062534577ec5e7173c5f3373f7078cd00f5fc8a3a
0c4accf30afc031dcb451116c98478ec576f272fd4c3a2238e75de4a9de4783c
0cd60b269ad9a0c52c290afe662d85b39d590fe7ea5b8ff35eb52b6d096256e7
0f7f4d2f651985c8a3bde1936946f387afea5005b08dee440d2684a03b336da2
0fb6e91af33743bcaa2607e68f577561406f6a2e98706aad910e8b4b87b0d7bc
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
11f8708cbc1a8d4570bdaafc5838a0fa583962e093540b5474546250da667ae9
1436c906c0691c6d7e77c015f3f454e1c3df917404c2b96171d5e7e899aa3c84
154ace4cddb84b0079c46a01b75e181299403170ee0d52d81d91e0059fe27734
199cd24e6b0d526eb0c06060d87dee6425d302456b0a2cb3015778f6401c476d
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1a0bbdba57f90a60fef89419fc940d8eae55c5b0d12ecbadde2beaef32ab2d90
1b6baabaa2bc3124ea0607b1922de7f143d3fb4db0b4cf56d255c21039427e65
1bef2db7382c6ccb87330344baa7d41b186dae65caf68be842eff0135f7b3fd8
1df54f8dbef8cd08be86c494bca772a96cf27befb090225e493b825f3c9270b0
1edbdbe7dd4c59e2fef20ef8dc4615a18d116fdf43daf018dce46a93e6cb153e
1f8d8c8151d4624e30f5c12738ad9cf67b777eea8076d2f8c4a9d269297d6e55
22eebfc59195e416f7a2c75d774b2dbc23d676045560dfbfaf2e7a0e5cb0c4be
22f57d3a5f64d1fae93d50b093c11f8be9a911f27749f08cb77850354c16bbe3
256a489beea4a14eca458f6e5436758f1fcb8dd34034d3c36dd21b22a5841f3b
28e3a7e17bfadfbf229abfd4388f315bc81388d0e122a5559a1f77b8c056c7e8
29a712b6b2fcbb3b269d7ed6ebf79d824565230ad888cb330850b64d7120a67b
29fc20dde9756a5d7609e0922846a104358f3a14a6d4addaa292d0b6fd7293d0
2e63238ed328d2ff5326c83cbef9f146c46498b05d786d057522f3cd9c0fe11a
3059f92e36a564c5cbcedc195f764e3c55c8cf919c84129c5f202870e7026b61
31d684108b61548ba747aac544e074fc2e13350fff72f0f07de2c9d705598948
35f2ec4ccf6ffe8eb7d38a99ed8a62168cdbd62b6abe4190ed2f8acbd1e550cf
376e4423b6583305300535ebd351ad3e9824a5ebf485dfddf6261af4835792a2
390a28be2ca4bcea5b71fe050295281a1a8fc99175690cdd62de378190400acb
3b4dcc216d84f51755dc2cae1b96e2c5f39a28352e1601f65f69d0e42600370a
3c766722210633878a01a1266168f93abd804eb1d5b90539146ed55870822f1d
3e7547a62e6d182a13a336293cc60a80152ad60e7cc2ae1d2aa6c1539eeeb2d3
3fede2d0c0a8c93b0c5d0ab0c38289a5743bb88720255b8298c520d2e3d90939
401786d03dbe0c83dd204266feab8aa11054845baac1effb3669be9f401e720c
4179815331b1b050e45da1ccf1d1a8cb50904e1cbb92228b32d55d545d4aaf7c
41c93545a4e2a1a46bca581d80fec8c8da014e13b310c65d694e4af30c7da9bd
449b8de5fdb31aa0d32f64828022d6471a035dec5edbf66b0ea3a4ddf57fd9b7
4546d13ea9bae9935dcd23f61d215a528120a53479bf51e372de3420029ed535
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4919e2adb5a10a0ac240f9bf62ade2264ce8bccebec66375e86ff4bab8d5a839
4b5338691e8fe24b9f5c758f9ee0e5b8fdc92ae2fb1d257c2c11ef774ecc5c08
4c57a77761f2639985b760e69c5bbaffceb6100559dcf3296d3cc96ea6a0d305
4c92262ff23b2116bad93fc1e36f1a597dc713ad8b3cd03d56f8e49bec4cb186
4ce784edc49071e31cc9e5593c2f219d3536c79e75dc42cf569a91ade8270cc1
4e2db1bef009e01901b4083a153f1607301428277a76f508e659dc2849cefa04
4e7304371ef9bcaea396e8928a9647f8306c296b9195c8763848d70c7f6f1390
4f65172cf1560e67a4b40f4a698a4406648240a551fe11c9a63eeafeed3e2aac
4fac36753dd1c16056c04d8142125e708c1d6c44d6d5906e009cd3487917cc56
5133e2e1a213ca44a8adb1f42f103a2d2e495849dfa4d42bf67c04fcc962e577
532a553e83ef36070af13f3cc7185d268e3c1e609a0d58e23044be8497830bd3
5451c82ad4141875afd527395f72fb9150c139a72713ec999fa4bb40454dd06a
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54d19370b3076cf29a9d07f91d058ee2480613599284195bfb8ebfedba70edbd
5582702e5c3761e45e6b279aa8adae9fa0dd4e787da99c954bf0cf5926c9e689
5628c46cbfbc4e87764f46abffd54f666dead37cbd81bcef2f453bceae37a865
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58451748ee362acf3449ef2a1a7b8183bbea3eb2351df91da2cff8ca7f9c119d
59efa44d6c82d28fdf18cf9d0ad8d3133a382d5edac48ebc17bdfa3597371fd0
5b380c4a76859fe62f528ec229ceb815554d35bb1048f66c5f8ce6cf9be6da2e
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
5e03ee2b412d0112b5e28e50436178ddd039a2bfa666636093314e08e20b3f3f
5e2499d3798db90822314fc9ac000ec6fc02669dd40ccafd5a7a4c0a5429153e
5e261f7e11c39ff6f4c8fe884e5c9de2fa15f29085a1adefdd36603ef2e23c00
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
625fe25b5223dbf4bed0ba00d2b4e41a28384ba9fe952e07440b3eab0215a127
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea
6699f01143db728abd2c63ea26e7d067b8908bf6cb84059653757aff1dd885d6
6ab58161de587ae970a0a44762ee958838e961ef928c58cd9a2e680b3348171c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bcab7894c767072695814dde2c7ea423136e59146fead4f5e7513edaf719cd5
6ec9288103b5919c36e28909faf04364cdf19cf7687e234663d0d9daab65a3c0
73c33b32563e2637be90df68581c0ef5bbea9c1a4adb40efb236e864bf0f606b
75567e86d28614b61879350bf24b10cf3d5f2f97d558627059bacceacea691d0
77c36fad51d04a56e55d1d454094c4312c3b11443f42b456c3f5082d66696be1
78cf63898c91ce3b95e37bc53e07adba5c2ee705ff28c2dd1dd784173c264ad1
7992bf4c67b2c0209562ea69a0788e115c7ff3ddbbb955e77be3d0311d87f058
7bcd31cd48941d1287630c9f1f852616cf59a1d86e3456ebee40bb2ea9519e78
7d02f9bc1c7fcb14a9b1abe6cf2f220a44fa75221025d7c9964f715f0144aa3b
7d0bada0d9b66aa1ca8eb906bb9736ca96e3859e9c05287a8f0cf5ffa9ff8760
7e1cc6d5132f9127cc983d59dd19a4c1eff9d9acca35af073166c21792bbbaa2
7ff5b98c09ec9d2af43d4108160ea0455f91f415f83031cc79fbe24a3a765bb8
80b8c602f7a7befa1190e1d1a6b952c4ba741258490e8ed4abff5c5118f49b43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8388d38e2cc888f21ec1c50862c6565f1305d98f75a4e86989df4e27a3028a0d
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
8807c74392aa1062c672116278269d6d7f5122255e6b32d234c01689e5056753
881bfe30076cdcfd103138701e77cef0346eaad968c6f0dd015f14cd05c5e07d
88c5a42e7fbc0839487147414a88531996b455a15cfc7d43dbc0102e55490f89
8bc7f122cae9e9efd75cd58076d06fb057d8f50abf07ffc1716e17d87682b9cf
8ccfdf42877037670930e65c205ea0353531575475d29d62ff8f459b72531e17
8d24db7742c1a5864fcef9b95b39da9f4bdce218cd525cbd2a6c1233a9cb020e
8fe66db584b92b70607f85dab9ebe96762bbe6a3b6e02af2bb0d74510a9c802b
916c8546cc6e77b71f3a24f1edb51ec20b85fcfec7c336f59c141287bce382be
93f466f6b1a81c848140e51c839a5372034ab22182601e86dd86947ad3a7fe94
948a0e2203b91961b74d4ca9d8e37734b6f8c7da96f24b70839a52b536541c60
94e0c0d6c127bda523dadca10142ccb5067b5881bf3f54dbd7337bc03f6fe48e
96ded2078fff8b83b4115f22c881badceb583321b4b73bab993b5191cc6aeaea
970ea7e2eced4dea206add7c2f326305464289e4f05dcdb50cbf7547759ae24d
971f0c03a1e63271a19b7de81d084c6acf81e7506dae8b31a0c6587c6ddf6a34
98b7a065a2fe07cffa3c706cd7feda83d067e194f82023a614c9a0b312388c46
99219fecaa6e9ee4f6c103172f2b6c870c5f6adab22535afba2090680a3253fa
9c73990a0dba345bf44d6e88f40837b046bbf668c89d70f1f41c085dbdc211eb
9c8bb391a723e088d163b560afa73f709c42a69df5647c4fefce9d16e4226895
9cfda57bf5032c33579ba5213ea3f6f04ae76eddf8169ccc03b65dad46387700
9ef0cc99ae155124895f712a9b68285f7b0a8c3f3c151e86107a25b61cf22085
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a758040e3d48d51c8085342320827fceb7a23d282f0c29d8e3e3aa414ba5c39d
a8431bfe4316cdc20de936e824f735c9478bbc9ce3d3a51c774eca45faff637f
a952a44375a3d8c869e96f85505fcbae076f4226021f08676a1b4627152252d0
a95d1948bed3f1a45950c669f73f3d95902ee1d95e306d197f8b78186e57e2f1
ac4dd219d6f954f312bab43bbfbf0b5f7e3beacabdf91f8f9eabf091bdd22d51
ae3c472ff47a96820c1acdf9574b231a88f62a006b84d320eb313af40f32f2db
ae43eb66dbe6e443d5192f46f869ae1f53ba3baae717f917c4d6702fdf6b863c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aed1d71b7280c09f06dc1f8e87795f9d89f7a1a8ab1af32ff8c92037ddeed6ee
b09605e93ea31f8a56878c649fd3d75a316485ad6485aa1c9bcfc5aae121c70f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3f5de54b9d7070d96f4f7685deb4c4de71af5520816e5a2f0cd99df90ff322c
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ba45c4b9710b1386b82a4354f829ee2f201e70742a2e646ffbedfa889e43d41f
baee07e6cf9cf189699de48a4a7009c3920868c17af309a6c3c2fd773082ec46
bbe0aa82dca8a36f677fb17025c3baa011d355bd7cb42d4aacea1b0265855d6e
bf6005f6e5e8f5fbecf055ce4e63dfc6096b584acf0973e4da11a5ce408fd414
c00503b7b8b03c9865ea041f1cdc522127c49ee4a74428ce1af61abd1aa85e36
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c70242480ad0a0ecc7c305d659f1fdb3a9cb1eb480927b46f8bd62d33ed0f8b2
c8b80bfa49e867995638cf7d0200a2a2ab42e958ffd140da4380519027554201
c922571f00cbeeb2c51d53066b76efa9f46487ea6a5a4361fe11ae27312e5e43
c9f06bf648ffbb3060fbb24ddac31eed6f29f4ad69a6f9298ef63d4f14eda680
cb041b77a824f7b0eea5b1d14ee5395f4ad561815d77bd1fa2ae2d7a88cd5a78
ce95c6cde0c6fb2e69a15cca63fded4719cf4275cd03fcc6279cf4d0e9ea0177
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d2d992b7835d73786a8dec113fe9cf70b311ee2227fee0d177844415d7b8f2df
d78489fc36dabb005c4aa9088e8bf675dbba88db0a40b22b2d6163ac2f693fac
d9da61cbf2665aed71c6d5c6d58282fa9ca941d488718bf16fc49f819fa2bbf2
dafe277be793f7c92f70acf012cba32d18b344b2b895629edf072b61ba3e16e0
dc13abd25a627a2481bced8a69e5daace0cac7eeb2ee19e7bc5b16852adc4279
e12c7ef56e8244af1de27e6717aea5fedcab5bf4701c6f4c8a7f82a7cefe708c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5044afbdaa92a7579b3dcea7f08d5a3da91e17d62cb56eaa999d5690faacf03
e51831d751ef667b1f703a47bb05802b681e6a30816f5cce0d56c3552a4eaa31
e7bd0b1c71678463acb8f96f3a6cd4eeda6ee0c196ded8bf557ac5b2b5ae864a
e84ac255827253b3460920cd2df05b05a671ebafd87df63f8b356c2acca613f6
e941b122b951ffc9b8bec72e34d81fd0ce3c9735379e51696b86656d19563fa0
eab772a3cf0afc7491e9dd5d0abf33df5f4b43a54bf7c2d464ce03ffee35754e
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
eb9ec684a7198fded61e248eaff2d28d0c9f8a15dfee8d9afff66aa6ff200461
ec5b161252a2e2b526491ccae0f9bc98461f13ac082579421043e9d556ea2f3d
eccabf5cc7613433c3ddc71ff34391ae850d304d3aceb5666868c4947134f3b5
edae7b5af68901c8f29f976ba6d1b0973b793614bd1f009fde1da88b2f59e818
eefc2533a82b69fab9b19b9e316bb606e70d17d61b57f9ea841b26c59624bc20
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ba087e5db261aad74219647cb8f9004e32305ab23ef02a162f4c79574dd90d
f10b9b0c4107ca5a40a5c69b1ac91a8948d84f39893dee6b429cdbdb05887093
f12bfcfe32a118f715dbfbd7c13833f73ed857e42dae19f8ef24fc8b473840af
f39f33327378cf5aad8b1d72b7f2c5ced2f64686ee86cd18c2a7dea386151963
f49eaccc717300154b7e0b0ddb63a95b28cb427335e3714472eb4936cc33e8b6
f5795a3b6a150bf86182b75712570fa67aad082a2f5398941c7176e7ca0eba98
f5f24ffc5d931243a6e2818cac716ed061b7cf0065aead0b1ab77e8c2af890cb
f8926bcd2ffa7e82f08210092d7efe02938311ebacc02fbf0c519915baabc22b
f8a3f3e789888cc4d06c6168c575b44481339a6cf22395a0f1ae232090937af9
fc54c09a7a71615ec35a22ed20afa4034588986ed88c3fc184b2c0bc637c33fb
ff0d918852310a1443782dc8b409a9fa4c2a2e623127edb1bcbec6144284c03a

www.databreachtoday.com Open in urlscan Pro 50.56.167.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

231 Requests

96 %HTTPS

43 %IPv6

32 Domains

52 Subdomains

34 IPs

8 Countries

11372 kBTransfer

17979 kBSize

1 Cookies

78 Outgoing links

Page URL History

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.databreachtoday.com Open in urlscan Pro
50.56.167.254 Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

96 %
HTTPS

43 %
IPv6

32
Domains

52
Subdomains

34
IPs

8
Countries

11372 kB
Transfer

17979 kB
Size

1
Cookies

231 HTTP transactions
0 data transactions