www.darkreading.com Open in urlscan Pro
104.18.109.47 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Submission: On February 12 via api (February 12th 2024, 2:08:37 am UTC) from TR — Scanned from DE

Summary HTTP 257 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 40 IPs in 7 countries across 26 domains to perform 257 HTTP transactions. The main IP is 104.18.109.47, located in and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 149169.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
78	104.18.109.47 104.18.109.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
4	18.245.86.23 18.245.86.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:3800:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:944b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.26.47 108.138.26.47	16509 (AMAZON-02) (AMAZON-02)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	52.71.60.78 52.71.60.78	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.99.89 13.32.99.89	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:94a... 2a05:d018:94a:8a01:e18d:a0de:5092:6397	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	18.196.132.224 18.196.132.224	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:6e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:440... 2606:4700:4400::6812:2595	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
19	23.210.17.232 23.210.17.232	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	52.87.40.170 52.87.40.170	14618 (AMAZON-AES) (AMAZON-AES)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
32	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
1	52.86.147.206 52.86.147.206	14618 (AMAZON-AES) (AMAZON-AES)
9	54.165.74.141 54.165.74.141	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
3	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
257	40

78 104.18.109.47 (None, )

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.86.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-23.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:3800:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:944b (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-47.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.60.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-60-78.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-89.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a01:e18d:a0de:5092:6397 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.132.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6e2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2595 (United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.210.17.232 (Schiphol, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-17-232.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.87.40.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-40-170.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.86.147.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-147-206.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.165.74.141 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-74-141.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	darkreading.com www.darkreading.com — Cisco Umbrella Rank: 149169 c.darkreading.com — Cisco Umbrella Rank: 362571	987 KB
42	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4418 cache-ssl.celtra.com — Cisco Umbrella Rank: 5355 track.celtra.com — Cisco Umbrella Rank: 5190	700 KB
29	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 www3.doubleclick.net — Cisco Umbrella Rank: 18703 stats.g.doubleclick.net — Cisco Umbrella Rank: 80	227 KB
21	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 43404	284 KB
20	moatads.com z.moatads.com — Cisco Umbrella Rank: 745 mb.moatads.com — Cisco Umbrella Rank: 972 px.moatads.com — Cisco Umbrella Rank: 680	344 KB
18	googlesyndication.com 4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 114	454 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 337	289 KB
5	google.com marketingplatform.google.com — Cisco Umbrella Rank: 16148 region1.analytics.google.com — Cisco Umbrella Rank: 2720 www.google.com — Cisco Umbrella Rank: 2	1 KB
4	informa.com static.iris.informa.com — Cisco Umbrella Rank: 48630	379 KB
3	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9315	1 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1896 in.ml314.com — Cisco Umbrella Rank: 10433	11 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 13181 eu01.in.treasuredata.com — Cisco Umbrella Rank: 22869	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	239 KB
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 185910	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8841	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 1019	60 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 304082 assets.ubembed.com — Cisco Umbrella Rank: 12316	49 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 602	29 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1392	201 B
1	google.de www.google.de — Cisco Umbrella Rank: 6562	408 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1625	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 553	304 B
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 782	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
257	26

	Domain	Requested by
77	www.darkreading.com	www.darkreading.com
32	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
27	securepubads.g.doubleclick.net	www.darkreading.com pagead2.googlesyndication.com
21	eu-images.contentstack.com	www.darkreading.com
16	px.moatads.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
9	track.celtra.com	www.darkreading.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com pagead2.googlesyndication.com tpc.googlesyndication.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com
4	static.iris.informa.com	www.darkreading.com
3	bam.eu01.nr-data.net	www.darkreading.com
3	www.google.com	securepubads.g.doubleclick.net www.darkreading.com
3	z.moatads.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.darkreading.com
2	ml314.com	z.moatads.com ml314.com
2	api.iiris.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
1	js-agent.newrelic.com	www.darkreading.com
1	in.ml314.com	ml314.com
1	mb.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	www.google.de	www.darkreading.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	marketingplatform.google.com	www.darkreading.com
1	www3.doubleclick.net	1 redirects
1	geolocation.onetrust.com	www.darkreading.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	www.darkreading.com
1	connect.facebook.net	www.darkreading.com
1	fonts.googleapis.com	www.darkreading.com
257	41

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
www.bitdefender.com
darkreading.tradepub.com
ve.informaengage.com
www.blackhat.com
www.informationweek.com
dr-resources.tradepub.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-21` - `2024-02-19`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.js.ubembed.com E1	`2023-12-17` - `2024-03-16`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-05`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
iiris.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
celtra.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Frame ID: 75FFFA8FC59F430AD31C370EEBC1EC35
Requests: 191 HTTP requests in this frame

Frame: https://4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D1542AAD090A22671AA3316EBD557E04
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7913AF530216EA9BED8230052B0B0D55
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVjL_LnmwJAFYZllbngn7r50_kmLWoNjqNCpfprKl8J86zihILMpqHNuFb1gEtcrZWOv43znZs7jqvPcL6x-SUL9Rhz5NM0SVdK1TFsdWsrwli91SZA21nApyGhD46RRyqAWAd1EU9LV2B0VYsNzAVsRcb91LRx9nV4vD5JokveQDUiQtIWGj83RiVeylwIlinFtel7z9M8WAMSe4G_x49bLWYHdVuWFC1IF46YdyMnx0J0PKmdK30HMCGMxNIOiPraimXZ_X1B2HopNis2leShPDA8LE0ZDwLwQhqAwm56u64eJiDh989BZm85WYAQWEBW_qohergb0ZOfi_8BDGSBARDYbbDRVBc6_CMAgwxngsjHsQ2kkkN-Ll4gMMYEtBu58e7-zd-lWE&sai=AMfl-YSXC6R10oueiuHi0gqUCYfGNNcuWsKdOYoQ65evv86kLPwdhL6Fy9XhJrb4ZkXH9ox64H2FYUUb8f-Aaxd_ViykKi2dbdkpiNHdkg8UegGaczKWhYuUp1D4GcsQcw&sig=Cg0ArKJSzH7HtLRzDxYGEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 4B18FFDADAC08D3EEF66BA22CC6EFD0E
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlxnTBnHwXPNJVprVo_fcXC1smGQsv4Ae6ixaXLdAD5ZwXVpI6VmTe5MCZWUpJ8IxNnqICp9yLPW8-9jDn7JjxhkKIwKBshrX3gDWb8Fg6rRCGn8aCs4nDzwZJdl1GYvfX21pkyXBs7S1ufs3ZJoislXbpwCdGiDSvuoOj60cSHVhLNqnk7ef7-s2-6PYChu5TxKDR8Axa3Whgj_FIUSLxv9Ckuq-g22x5G42kYIwjinkkW7XkU_-V_sSySW82wqsUpI213z8JMg5aRX2v2pXjasXAZYH1vnBGjbsQ6i5ETAYiTCM4WvZ3xzMwU5zhc3LDYNZPEb24Zyp2m2IxVsykVkRFVZx9RtyuWCOR3ovoC9rWQBST342rnPFBVIk08FFfGj7FWg&sai=AMfl-YQhwf8GcjiA7QNDe665CZc5cy0cAwBEBp4oool9qsmmjp_0Df6CU5-HOLx4XCQsauM3epLjx_82tBCRVqlTaT74_iwpXAyBnBvu0shxOxvNiUma7oPeiN4IoZKxHWA&sig=Cg0ArKJSzCA_RW5II1ONEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 43BA6F0AB8EF83B3BC35D086144AB78B
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0bJUyYRTndHWHl6VlAxj8WhHpjzga-QZbXYvBcd6iDNLysVG4Y1Sx05-yjBc1LitsYJr5dOPru2G_yu8c9oogL6seu-TDY19gaZRSJ7vF1RRnTw8SoEOjCCygGljK6AViRIoxFpgsTn1qTsUumYz26luGEHQCQiZbjZ0cFQLMq0O8--IXa8tuaeQkOHO4z6OwzlGfuKqlgLqCm4v_XYR6886nDkFjwpY3-W-PaZNNf6t7dZbMO7yLbyhDbfK0H-YXU8kce6PTsSriNIMl711cFKghv6zHvhfHOyT9vqZkeRs9pE4GIx7yJZRFoj1EA6CwzlzE59UN-oA3Ybw2eZCcJcNEalMXsFFzgU2xg2PDaCLx-x0AJRmHOKf09wniQNoaMkFUMrlujiA&sai=AMfl-YQyoUuFbKCX_JGFI-gL9mM2kqLyCkUEppYT-YF3vC3U1t3DYKHwST6Z5J-qXMeRtKFdHX-GV-1SxpHNn1Im_4M5UtaJ1AK70obF4UkuQCySIonZLAWWq1TmsJYktQ&sig=Cg0ArKJSzBNUwMdAl4CBEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 33BF6BBFB74D503E19EF95347D4F2A63
Requests: 9 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()%2C-01235689%3AABCDEFGHIKLMNOPQRSTUVWZabcdefghiklmnoprstuvwxy%E2%84%A2
Frame ID: 5FA8C7D6D2F46AAA0036F5BF68163021
Requests: 31 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0D8456E6D157B18FFB615D43FCFD0FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08F7D953FAF8ABAC995FD0CD9D98419B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MacOS Targeted by New Backdoor Linked to ALPHV RansomwareCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

257
Requests

99 %
HTTPS

55 %
IPv6

26
Domains

41
Subdomains

40
IPs

7
Countries

4152 kB
Transfer

11365 kB
Size

22
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware&title=MacOS%20Targeted%20by%20New%20Backdoor%20Linked%20to%20ALPHV%20Ransomware

Search URL Search Domain Scan URL

URL: https://www.bitdefender.com/blog/labs/new-macos-backdoor-written-in-rust-shows-possible-link-with-windows-ransomware-group/
Title: advisory

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo208&ch=sbx&cid=_upcoming_webinars_8.500001391&_mc=_upcoming_webinars_8.500001391&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: DevSecOps: The Smart Way to Shift Left

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf74&ch=sbx&cid=_upcoming_webinars_8.500001397&_mc=_upcoming_webinars_8.500001397
Title: Making Sense of Security Operations Data

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_clow50&ch=sbx&cid=_upcoming_webinars_8.500001398&_mc=_upcoming_webinars_8.500001398
Title: Your Everywhere Security Guide: 4 Steps to Stop Cyberattacks

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_apii04&ch=sbx&cid=_upcoming_webinars_8.500001396&_mc=_upcoming_webinars_8.500001396
Title: API Security: Protecting Your Application's Attack Surface

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo212&ch=sbx&cid=_upcoming_webinars_8.500001399&_mc=_upcoming_webinars_8.500001399
Title: Securing the Software Development Life Cycle from Start to Finish

Search URL Search Domain Scan URL

URL: https://ve.informaengage.com/virtual-events/cybersecuritys-hottest-new-technologies-what-you-need-to-know/?ch=sbx&cid=_session_16.500316&_mc=_session_16.500316
Title: Cybersecurity's Hottest New Technologies - Dark Reading March 21 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/asia-24/?cid=_session_16.500313&_mc=_session_16.500313
Title: Black Hat Asia - April 16-19 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/tr-24/?cid=_session_16.500312&_mc=_session_16.500312
Title: Black Hat Spring Trainings - March 12-15 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5051&ch=sbx&cid=_analytics_7.300005999&_mc=_analytics_7.300005999&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: Passwords Are Passe: Next Gen Authentication Addresses Today's Threats

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_mend19&ch=sbx&cid=_analytics_7.300005998&_mc=_analytics_7.300005998&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: The State of Supply Chain Threats

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_forq239&ch=sbx&cid=_analytics_7.300005997&_mc=_analytics_7.300005997&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: How to Deploy Zero Trust for Remote Workforce Security

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/executive-insights-and-innovation/it-strategy/2021-digital-transformation-report/428703?cid=_analytics_7.300005914&_mc=_analytics_7.300005914
Title: 2021 Digital Transformation Report

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/security-monitoring/cloud-security/privileged-access-management-checklist/429733?cid=_analytics_7.300005907&_mc=_analytics_7.300005907
Title: Privileged Access Management Checklist

Search URL Search Domain Scan URL

URL: https://dr-resources.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk83&ch=sbx&cid=_whitepaper_14.500005518&_mc=_whitepaper_14.500005518&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: 2023 Snyk AI-Generated Code Security Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk82&ch=sbx&cid=_whitepaper_14.500005517&_mc=_whitepaper_14.500005517&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: Migrations Playbook for Saving Money with Snyk + AWS

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk81&ch=sbx&cid=_whitepaper_14.500005516&_mc=_whitepaper_14.500005516&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk77&ch=sbx&cid=_whitepaper_14.500005515&_mc=_whitepaper_14.500005515&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: 2023 Software Supply Chain Attack Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/free/w_snyk73/prgm.cgi?a=1&cid=_whitepaper_14.500005514&_mc=_whitepaper_14.500005514&_sp=9f3eb95c-7738-4e32-801f-b74c28a50f14
Title: Understanding AI Models to Future-Proof Your AppSec Program

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

257 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Show response
www.darkreading.com/threat-intelligence/ 240 KB
47 KB 3808ms
1533ms Document
text/html 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d68d18e767c4226be28c09cf2b37cbe531383ce733194fffda817933320dca2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: EXPIRED
cf-ray: 8541489dda48453a-TXL
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Feb 2024 02:08:26 GMT
last-modified: Sun, 11 Feb 2024 20:13:50 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 styles.generated-4XZZNIWX.css
www.darkreading.com/build/_assets/ 8 KB
3 KB 101ms
38ms Stylesheet
text/css 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-4XZZNIWX.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
etag: W/"1e46-18d605a9288"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea61453a-TXL

GET
H2 200 swiper.min-FCSS2HML.css
www.darkreading.com/build/_assets/ 5 KB
3 KB 103ms
41ms Stylesheet
text/css 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/swiper.min-FCSS2HML.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 2691186
cf-polished: origSize=6255
etag: W/"186f-18bfba43688"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea62453a-TXL

GET
H2 200 brand.generated-BJEG7MSG.css
www.darkreading.com/build/_assets/ 374 KB
47 KB 133ms
73ms Stylesheet
text/css 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-BJEG7MSG.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb03f47be374b1eeced807c368c4015291dfa617c580ee1320b4c45add40d4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=383566
etag: W/"5da4e-18d7eb3cc68"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea64453a-TXL

GET
H2 200 back_door_Medicimage_Education_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt1dcc628acac13009/65c691d56bbc7a040a359ab3/ 2 KB
3 KB 191ms
40ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt1dcc628acac13009/65c691d56bbc7a040a359ab3/back_door_Medicimage_Education_Alamy.jpg?width=850&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

67f5aedb17e5350a4c106fd42af6a89330c5c7dabac42ef464adb851316f7a17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 191428
x-cache: HIT, HIT
fastly-io-info: ifsz=903334 idim=5059x3360 ifmt=jpeg ofsz=1964 odim=850x565 ofmt=webp
filename1: custom
content-disposition: inline; filename=back_door_Medicimage_Education_Alamy.webp
fastly-stats: io=1
content-length: 1964
x-request-id: 45bbc683d7b268d301791e0a435b6aa3
x-served-by: cache-ams12744-AMS, cache-fra-etou8220047-FRA
x-runtime: 59ms
server: contentstack
x-timer: S1707703707.968063,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "JmxqK8KiQX/pmjEvI+bYrTjzpI4TNKmnh87m5apJ7KQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 9, 1

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 203ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Feb 2024 02:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 01:22:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Feb 2024 02:08:26 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 217ms
65ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 44876
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66f60ca1-801e-000e-0e3e-0d1033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148a88d6192ab-FRA
expires: Tue, 13 Feb 2024 02:08:26 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 206ms
54ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jEXNH7qItSS8Y+G7eM2k2w==
age: 71636
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Fri, 09 Feb 2024 19:39:00 GMT
server: cloudflare
etag: 0x8DC29A6C39FC4B3
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d0c130ae-101e-000c-32ce-5bae8b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148a88d6392ab-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 164ms
58ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e117bec31655210f76ed04f03842e80e4af3e1226306943a6d05759827c46717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29398
x-xss-protection: 0
server: cafe
etag: 368 / 19765 / m202402060101 / config-hash: 3544666277437429358
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 02:08:27 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 3 KB
3 KB 167ms
109ms Image
image/png 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 361718
cf-polished: origSize=4020
etag: W/"fb4-18bfba43688"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 854148a81aba453a-TXL
content-length: 2815

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
882 B 34ms
29ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Feb 2024 16:52:27 GMT
server: cloudflare
etag: W/"65c3b54b-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 854148a8db24453a-TXL
expires: Wed, 14 Feb 2024 02:08:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 146ms
40ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b632f35ed3bd54598f87ea3e4ba17d479d00ebb056f9a197aa54621a4c2391f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 02:08:27 GMT
content-md5: gSVinmu5Wtvo4xRas15w/Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: W5CfxEdm8q0gLyaUT3gDpp1wGhMSh+8diq5Rkt2koZgJKujdmjhgBfqMTXNKgKNRdaJ8TYaW8eipnrl8YWQliA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4022f9a00dcee81384b96dd841bdc602
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "5724f05baa76f3c95a88984d7514ae4f"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Mon, 12 Feb 2024 02:27:46 GMT

GET
H2 200 entry.client-VOU2QAI4.js Show response
www.darkreading.com/build/ 546 B
463 B 95ms
39ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VOU2QAI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 359167
cf-polished: origSize=547
etag: W/"223-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea65453a-TXL

GET
H2 200 chunk-654PJEY4.js Show response
www.darkreading.com/build/_shared/ 121 KB
40 KB 102ms
47ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-654PJEY4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=124372
etag: W/"1e5d4-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea66453a-TXL

GET
H2 200 chunk-ADOFUXDS.js Show response
www.darkreading.com/build/_shared/ 122 KB
28 KB 98ms
44ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADOFUXDS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=125229
etag: W/"1e92d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea67453a-TXL

GET
H2 200 chunk-KQKZX6A4.js Show response
www.darkreading.com/build/_shared/ 52 KB
18 KB 99ms
45ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KQKZX6A4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=54355
etag: W/"d453-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea69453a-TXL

GET
H2 200 chunk-ZSCMMWXX.js Show response
www.darkreading.com/build/_shared/ 1006 B
652 B 94ms
40ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZSCMMWXX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 4653143
cf-polished: origSize=1007
etag: W/"3ef-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea6b453a-TXL

GET
H2 200 chunk-YTM7JQ6Y.js Show response
www.darkreading.com/build/_shared/ 2 KB
833 B 95ms
43ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YTM7JQ6Y.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e12e84a21fe878c498981b984a4bcbd04651f64907c381dd6430b3069e74a207

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1549
etag: W/"60d-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea6d453a-TXL

GET
H2 200 chunk-TFR26LLE.js Show response
www.darkreading.com/build/_shared/ 2 KB
900 B 94ms
42ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TFR26LLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 5368146
cf-polished: origSize=1765
etag: W/"6e5-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a7ea6f453a-TXL

GET
H2 200 chunk-7KSULVJY.js Show response
www.darkreading.com/build/_shared/ 1 MB
379 KB 161ms
110ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7KSULVJY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a141546dbb061d084a8104ffa1c77a83ac3e096aed8777feeb0362dc5ba4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
cf-polished: origSize=1232478
etag: W/"12ce5e-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a85453a-TXL

GET
H2 200 chunk-V45APN7X.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 127ms
77ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-V45APN7X.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e7e4be2d253c50a013e3a19eddab94c09f193a2f71476571f6862a6f67babba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
cf-polished: origSize=1867
etag: W/"74b-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a86453a-TXL

GET
H2 200 chunk-2MQOLYJ6.js Show response
www.darkreading.com/build/_shared/ 99 B
158 B 124ms
75ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MQOLYJ6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a87453a-TXL

GET
H2 200 chunk-4OFPQ62H.js Show response
www.darkreading.com/build/_shared/ 99 B
176 B 122ms
74ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4OFPQ62H.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 328903
cf-polished: origSize=100
etag: W/"64-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a88453a-TXL

GET
H2 200 chunk-5MWS22BC.js Show response
www.darkreading.com/build/_shared/ 2 KB
793 B 122ms
74ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5MWS22BC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8517de4468d3ca320592c6a7b75fa4a1aa6ec8642362e1ad6fbd3433e4b1e0c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 359167
cf-polished: origSize=1873
etag: W/"751-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a89453a-TXL

GET
H2 200 chunk-JSLP45NT.js Show response
www.darkreading.com/build/_shared/ 445 B
432 B 122ms
75ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSLP45NT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1517678
cf-polished: origSize=446
etag: W/"1be-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a8a453a-TXL

GET
H2 200 chunk-EJDXW353.js Show response
www.darkreading.com/build/_shared/ 99 B
181 B 119ms
73ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EJDXW353.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a8b453a-TXL

GET
H2 200 chunk-W42GJVNL.js Show response
www.darkreading.com/build/_shared/ 286 B
301 B 134ms
89ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W42GJVNL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1517678
cf-polished: origSize=287
etag: W/"11f-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a8d453a-TXL

GET
H2 200 chunk-VWUQAWN5.js Show response
www.darkreading.com/build/_shared/ 20 KB
5 KB 120ms
76ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VWUQAWN5.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e997c0f427363a74662c4e086aab357b95331c2865a9235a4a05159e08cce40c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=20880
etag: W/"5190-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a8e453a-TXL

GET
H2 200 chunk-QF2327UI.js Show response
www.darkreading.com/build/_shared/ 294 B
303 B 118ms
74ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QF2327UI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=295
etag: W/"127-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a8f453a-TXL

GET
H2 200 chunk-2PCPYTVA.js Show response
www.darkreading.com/build/_shared/ 99 KB
31 KB 140ms
97ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2PCPYTVA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64a5229192c1b7cd69fb0e2971a1baa024a7eb24eb7caf323b963bdd03872905

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=101214
etag: W/"18b5e-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a90453a-TXL

GET
H2 200 chunk-NQIT5BXU.js Show response
www.darkreading.com/build/_shared/ 2 KB
793 B 117ms
75ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NQIT5BXU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9ffd67fa2d6f65b772905094ee912ca6dc382ecff4e818eba409d0e4e2d5b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 359167
cf-polished: origSize=1539
etag: W/"603-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a91453a-TXL

GET
H2 200 chunk-J56IETE6.js Show response
www.darkreading.com/build/_shared/ 99 B
158 B 117ms
76ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J56IETE6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a92453a-TXL

GET
H2 200 chunk-LKD6MKLV.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 117ms
76ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-LKD6MKLV.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd09b4b1993a14b71038fde1550332486367f74b81388fe13eb63a7a382e66c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
cf-polished: origSize=4407
etag: W/"1137-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a93453a-TXL

GET
H2 200 chunk-NYVDH3MD.js Show response
www.darkreading.com/build/_shared/ 99 B
195 B 116ms
76ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NYVDH3MD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a94453a-TXL

GET
H2 200 chunk-VLGHYY42.js Show response
www.darkreading.com/build/_shared/ 73 KB
24 KB 132ms
93ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-VLGHYY42.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecccefafe81a1f1b982c9bb5c4d8296908a93242c4ecea61831184484b8b1520

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=76519
etag: W/"12ae7-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a95453a-TXL

GET
H2 200 chunk-BGVAJVIT.js Show response
www.darkreading.com/build/_shared/ 268 B
289 B 130ms
91ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BGVAJVIT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 2691227
cf-polished: origSize=269
etag: W/"10d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a96453a-TXL

GET
H2 200 chunk-RV3JR3RD.js Show response
www.darkreading.com/build/_shared/ 99 B
156 B 141ms
103ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RV3JR3RD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a97453a-TXL

GET
H2 200 chunk-U4RHUKDM.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 129ms
92ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-U4RHUKDM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a98453a-TXL

GET
H2 200 chunk-WDD67XQQ.js Show response
www.darkreading.com/build/_shared/ 15 KB
6 KB 139ms
103ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WDD67XQQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=15141
etag: W/"3b25-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a99453a-TXL

GET
H2 200 chunk-JSU5JCFH.js Show response
www.darkreading.com/build/_shared/ 133 KB
41 KB 143ms
108ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSU5JCFH.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9483f6fa2fcb32b3ba85b592f00a24ed0b35d47bcd3634ee451477812845ca5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=136809
etag: W/"21669-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9a453a-TXL

GET
H2 200 chunk-AEBM4IWQ.js Show response
www.darkreading.com/build/_shared/ 99 B
160 B 136ms
102ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AEBM4IWQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9b453a-TXL

GET
H2 200 chunk-SAE5FR5J.js Show response
www.darkreading.com/build/_shared/ 214 KB
74 KB 143ms
109ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SAE5FR5J.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11efe79bc9fd298582704ecee9d88a628ac49233ec420ab2cb075dcfc647c019

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
cf-polished: origSize=219142
etag: W/"35806-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9c453a-TXL

GET
H2 200 root-MMTPPMSF.js Show response
www.darkreading.com/build/ 43 KB
13 KB 140ms
107ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-MMTPPMSF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb655c459e78c39e2b60f1f9f178cf1e1b14601626328fc29f6c35da71eb13ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=44036
etag: W/"ac04-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9d453a-TXL

GET
H2 200 chunk-4ULWTTY5.js Show response
www.darkreading.com/build/_shared/ 1 KB
849 B 139ms
107ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4ULWTTY5.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

279d5ea2aef390011ef2f16b6acd1dbbfac1595adc42d9cd3465e10cfd5b8acc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1499
etag: W/"5db-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9e453a-TXL

GET
H2 200 chunk-OQSC4DND.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 121ms
90ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-OQSC4DND.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a7f48e84247f98e9e92aa603052fba27f00e7409c971b7bf11b28348861e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=3211
etag: W/"c8b-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81a9f453a-TXL

GET
H2 200 chunk-4XIE5E7N.js Show response
www.darkreading.com/build/_shared/ 2 KB
734 B 135ms
104ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4XIE5E7N.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02e83ab853d8de801795d261a4cedae702c547554058d28ea0f5c1460b8a034f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=2070
etag: W/"816-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa0453a-TXL

GET
H2 200 chunk-TO27WGWA.js Show response
www.darkreading.com/build/_shared/ 1 KB
682 B 135ms
105ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TO27WGWA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a898dd16565bde025d7e7ac952d118f3889a4fd330744d23a0897ab1268d461

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1240
etag: W/"4d8-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa1453a-TXL

GET
H2 200 chunk-2UTDBATZ.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 134ms
105ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2UTDBATZ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09a119f0aeee6464c3fad8c8bd7118748f3cade165fb4dabc80398667f36ca12

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=9083
etag: W/"237b-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa2453a-TXL

GET
H2 200 chunk-XF6QUCSW.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 135ms
106ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XF6QUCSW.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45e8960eacb3b322f02c13c5785d53073f45705ed7417757de14b447522add29

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=4128
etag: W/"1020-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa3453a-TXL

GET
H2 200 chunk-6GEGUMFF.js Show response
www.darkreading.com/build/_shared/ 975 B
675 B 136ms
108ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6GEGUMFF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1513095
cf-polished: origSize=976
etag: W/"3d0-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa4453a-TXL

GET
H2 200 chunk-HQRTWE5A.js Show response
www.darkreading.com/build/_shared/ 594 B
444 B 131ms
104ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HQRTWE5A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 5368146
cf-polished: origSize=595
etag: W/"253-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa6453a-TXL

GET
H2 200 chunk-CUKPQI5Q.js Show response
www.darkreading.com/build/_shared/ 2 KB
776 B 132ms
106ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CUKPQI5Q.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a0ef9fa4aa1a1f5d4175249ba8a918e1c78df30f658801195f86cb13a2ecf28

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1664
etag: W/"680-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa7453a-TXL

GET
H2 200 chunk-ZZV7TCFL.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 134ms
108ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZZV7TCFL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dffef7ad0af260b60f64c45e974052e3ea34f4ebafe1145b4c8be51366978252

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 917117
cf-polished: origSize=2247
etag: W/"8c7-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa8453a-TXL

GET
H2 200 chunk-6A2GLJQM.js Show response
www.darkreading.com/build/_shared/ 99 B
177 B 116ms
91ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6A2GLJQM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aa9453a-TXL

GET
H2 200 chunk-O54HVNMC.js Show response
www.darkreading.com/build/_shared/ 225 KB
75 KB 134ms
110ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-O54HVNMC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f49b0b50ae5d0adc7dadd2a82803c05e286a231810664f198ab356e8cef1b9bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 359166
cf-polished: origSize=230749
etag: W/"3855d-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aab453a-TXL

GET
H2 200 chunk-B2TQ3NOO.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 131ms
108ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B2TQ3NOO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c5abab791942a7a119bfd91c2298b0ccfe8a7f83be1bab6bf508901969a5a9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 359166
cf-polished: origSize=3232
etag: W/"ca0-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aad453a-TXL

GET
H2 200 chunk-YB2PZH4U.js Show response
www.darkreading.com/build/_shared/ 99 B
210 B 132ms
109ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YB2PZH4U.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aae453a-TXL

GET
H2 200 chunk-GY4YSMUY.js Show response
www.darkreading.com/build/_shared/ 99 B
156 B 126ms
103ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GY4YSMUY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81aaf453a-TXL

GET
H2 200 chunk-7ABGLIHU.js Show response
www.darkreading.com/build/_shared/ 99 B
170 B 126ms
104ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7ABGLIHU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1517678
cf-polished: origSize=100
etag: W/"64-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab0453a-TXL

GET
H2 200 chunk-S5BLDAV7.js Show response
www.darkreading.com/build/_shared/ 2 KB
981 B 128ms
107ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-S5BLDAV7.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52e92e164cef176a60f25df19e01650bdb4f4bf44e6530e2e020c304af5d7a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=2484
etag: W/"9b4-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab2453a-TXL

GET
H2 200 chunk-DMTCTSCV.js Show response
www.darkreading.com/build/_shared/ 430 KB
61 KB 131ms
111ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DMTCTSCV.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfae0d1d35b161909c177ea751a4c287e969b1b31120348bc6003b3168457435

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=440616
etag: W/"6b928-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab3453a-TXL

GET
H2 200 chunk-5NNQRZ5Z.js Show response
www.darkreading.com/build/_shared/ 1 KB
777 B 125ms
105ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5NNQRZ5Z.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f287589f4f6b593e2d8e1713f8de0df37425f09ba7fc8d8ff856cee5d00afede

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 359166
cf-polished: origSize=1296
etag: W/"510-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab4453a-TXL

GET
H2 200 chunk-F6XYIFAB.js Show response
www.darkreading.com/build/_shared/ 1000 B
553 B 126ms
107ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-F6XYIFAB.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bdccea96f49f25798682bbd62fe25c4de68b20bf36519674516f8bc7842fad96

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1001
etag: W/"3e9-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab5453a-TXL

GET
H2 200 chunk-3MS3TJ6I.js Show response
www.darkreading.com/build/_shared/ 99 B
157 B 128ms
110ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3MS3TJ6I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab6453a-TXL

GET
H2 200 chunk-W2CMSQNK.js Show response
www.darkreading.com/build/_shared/ 1 KB
665 B 126ms
109ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W2CMSQNK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4eff229f2a1df818e9fa264b832bd19cff2cd3616b487528df023b935168c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=1062
etag: W/"426-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab7453a-TXL

GET
H2 200 $topic.$slug-NUY4VWR3.js Show response
www.darkreading.com/build/routes/ 181 KB
57 KB 127ms
110ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug-NUY4VWR3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42f0f9290314afb23da64b1ab586f93b454c494182f9daa0a233319b21f35de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:26 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 397887
cf-polished: origSize=184925
etag: W/"2d25d-18d7eb3cc68"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a81ab9453a-TXL

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 185ms
79ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 854148aa19cc5d74-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 135ms
54ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 52187
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 59ff7cb2-901e-0012-7548-234253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148a9bfad91cf-FRA
expires: Tue, 13 Feb 2024 02:08:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 348 KB
104 KB 212ms
106ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

68a3853d20f5f6eeb4ca7b52fb3f52a85f00bbf937b5fca88a6162b055f5ce26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106370
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 02:08:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 154ms
50ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c7a6a9352b1be0292d8ab50315fae4b5485a25a36ae09867375e2e703354398c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46032
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 12 Feb 2024 02:08:27 GMT

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
326 B 41ms
40ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"22a-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abba453a-TXL

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
374 B 41ms
41ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6490940
etag: W/"1ed-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abbb453a-TXL

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
410 B 39ms
38ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 2665358
etag: W/"1c1-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abbc453a-TXL

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
371 B 41ms
40ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"1d7-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abbd453a-TXL

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
345 B 47ms
45ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 2691185
etag: W/"190-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc1453a-TXL

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
270 B 41ms
38ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"110-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc2453a-TXL

GET
H2 200 Twitter-YP6RMFLT.svg
www.darkreading.com/build/_assets/ 891 B
568 B 41ms
39ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-YP6RMFLT.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"37b-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc4453a-TXL

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
514 B 41ms
40ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"309-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc5453a-TXL

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
700 B 42ms
41ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"471-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc6453a-TXL

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
528 B 44ms
43ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"2e5-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc7453a-TXL

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
483 B 49ms
48ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"2f0-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9abc9453a-TXL

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
281 B 39ms
39ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"131-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9bbcb453a-TXL

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
489 B 44ms
43ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6491119
etag: W/"54d-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9bbcc453a-TXL

GET
H2 200 Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/ 801 B
456 B 42ms
41ms Image
image/svg+xml 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 2691228
etag: W/"321-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 854148a9bbd0453a-TXL

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 131ms
40ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:07:52 GMT
x-content-type-options: nosniff
age: 378035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 17:07:52 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 54ms
42ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 2340246
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-etou8220047-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1707703707.219091,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4795, 2

GET
H2 200 BeckyB.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/ 130 B
416 B 94ms
83ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/BeckyB.jpg?width=100&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

566d120124317733aca62d73f35bd6ca690a6cc6a06ff1135e18e42c98aca1a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
age: 2696893
x-cache: HIT, HIT
fastly-io-info: ifsz=89014 idim=641x796 ifmt=jpeg ofsz=130 odim=100x124 ofmt=webp
filename1: custom
content-disposition: inline; filename=BeckyB.webp
fastly-stats: io=1
content-length: 130
x-request-id: ec8187e7e6489d2fa7aec6c41eaea1f0
x-served-by: cache-ams12741-AMS, cache-fra-etou8220047-FRA
x-runtime: 142ms
server: contentstack
x-timer: S1707703707.219071,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "xVjwD0UnGPGCiD2Y/Pbw5B+Zhv0X8L27Y4gBt8SQIZ0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 BeckyB.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/ 1 KB
1 KB 100ms
89ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/BeckyB.jpg?width=400&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c344243061c7a89e6f9fea662e195edee5145804a41921b44e367a3fff4ae962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 2977827
x-cache: HIT, HIT
fastly-io-info: ifsz=89014 idim=641x796 ifmt=jpeg ofsz=1166 odim=400x497 ofmt=webp
filename1: custom
content-disposition: inline; filename=BeckyB.webp
fastly-stats: io=1
content-length: 1166
x-request-id: 14504f4c0e1292d5fbbdb114bd9c0fb3
x-served-by: cache-ams12741-AMS, cache-fra-etou8220047-FRA
x-runtime: 147ms
server: contentstack
x-timer: S1707703707.219767,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "YhueZ1/yeuRoEaaiOI99rmweMgSTywXkKfonkvANtXA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 typhoon-nasa.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9d6bed252cf89453/65c40ffd202994040a541085/ 1 KB
2 KB 101ms
90ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9d6bed252cf89453/65c40ffd202994040a541085/typhoon-nasa.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

3ac828b2348f333d77874073033c6d4fbeabf1f650027b73b3cf2b13678e48de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 355741
x-cache: HIT, HIT
fastly-io-info: ifsz=961223 idim=1800x1013 ifmt=jpeg ofsz=1342 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=typhoon-nasa.webp
fastly-stats: io=1
content-length: 1342
x-request-id: 455af5cd04eaf49d57a45d0fa5023d02
x-served-by: cache-ams12779-AMS, cache-fra-etou8220047-FRA
x-runtime: 57ms
server: contentstack
x-timer: S1707703707.220065,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "gVAd48zqIN5r2a9A+LPvhBVZ5N6XwZUttWWqZKEcpBg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 27, 1

GET
H2 200 linux_Fauzi_Muda_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7f1f0602497ff145/65c3f23a1b0eaa040abe4106/ 2 KB
2 KB 100ms
89ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7f1f0602497ff145/65c3f23a1b0eaa040abe4106/linux_Fauzi_Muda_shutterstock.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

6ec1e9b41c1e07c6ccefb98417fe9e1512019bea5c916eb5032138afbd369a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img01-europe-west2
age: 363359
x-cache: HIT, HIT
fastly-io-info: ifsz=5812096 idim=4096x2730 ifmt=jpeg ofsz=1828 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=linux_Fauzi_Muda_shutterstock.webp
fastly-stats: io=1
content-length: 1828
x-request-id: 7135089a3be138890e6ee0fb694b47a7
x-served-by: cache-ams12738-AMS, cache-fra-etou8220047-FRA
x-runtime: 64ms
server: contentstack
x-timer: S1707703707.219767,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "cUFCRofpQHdRHiCE9OZ59uiHXZaAYVxk9Ep1RT8gRMg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H2 200 Neurodivergent_designer491_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltdd6188b4f8559b38/65c248f88f118d040a2dc3a6/ 2 KB
2 KB 97ms
88ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltdd6188b4f8559b38/65c248f88f118d040a2dc3a6/Neurodivergent_designer491_Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

1b5d0fa49ed0459d8db24dd514ffbe525ea7a6730aa8dd8ea0918ce443c42305

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img04-europe-west2
age: 472225
x-cache: HIT, HIT
fastly-io-info: ifsz=506355 idim=1800x1200 ifmt=jpeg ofsz=2028 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=Neurodivergent_designer491_Alamy.webp
fastly-stats: io=1
content-length: 2028
x-request-id: ca2a3b5bc21090c8f6970552c1d41d2b
x-served-by: cache-ams21083-AMS, cache-fra-etou8220047-FRA
x-runtime: 59ms
server: contentstack
x-timer: S1707703707.219008,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "Y0IUH6wsYblSnZky0+tryFStVLDrx3Sc/T/ISKPpG7Y"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6aed714e279eeb34/6542104467527c040a9b2014/ 3 KB
2 KB 50ms
41ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt6aed714e279eeb34/6542104467527c040a9b2014/Logo_-_Dark_Reading.svg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 2671684
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: 6ad82984a48b9e3dbee100532fc1fd7f
x-served-by: cache-ams12739-AMS, cache-fra-etou8220047-FRA
x-runtime: 59ms
server: contentstack
x-timer: S1707703707.219033,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 680, 2

GET
H2 200 theme1_social_twitter.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte45a7083efd0de23/64ff32b31b4bf60146068958/ 22 KB
22 KB 51ms
43ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte45a7083efd0de23/64ff32b31b4bf60146068958/theme1_social_twitter.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

1be5994087ef2969476db55110aad2a9d988b76c507b545f8035216aa8195c07

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
age: 2351292
x-cache: HIT, HIT
fastly-io-info: ifsz=7322 idim=512x512 ifmt=png ofsz=22482 odim=512x512 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_social_twitter.webp
fastly-stats: io=1
content-length: 22482
x-request-id: 416aa309e379784133489b0ac014145a
x-served-by: cache-ams21024-AMS, cache-fra-etou8220047-FRA
x-runtime: 67ms
server: contentstack
x-timer: S1707703707.218964,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "p/XHjM2P9fq4d8XNHFga47TTRCUOAGG+EO3R6Iv6YQI"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 2

GET
H2 200 theme1_social_linkedin-in.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2a3f54cc3578a100/64ff34609a20865f344372de/ 19 KB
19 KB 50ms
42ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2a3f54cc3578a100/64ff34609a20865f344372de/theme1_social_linkedin-in.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b9c060dcf3f4a70ccfc07feb43da6afa91e27da27c80ef292a99c2fa3752fce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2609089
x-cache: HIT, HIT
fastly-io-info: ifsz=4204 idim=448x512 ifmt=png ofsz=19030 odim=448x512 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_social_linkedin-in.webp
fastly-stats: io=1
content-length: 19030
x-request-id: 20e8ab876c797fb9251beb680987284f
x-served-by: cache-ams12721-AMS, cache-fra-etou8220047-FRA
x-runtime: 38ms
server: contentstack
x-timer: S1707703707.218965,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "ANdTJSs40wtvBPlEF1NToFVAt+2fEG+UlCLB+IjrM64"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 31, 2

GET
H2 200 theme1_social_facebook.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt05cc6664c83aa266/64ff3471fc70f516eed01eb7/ 12 KB
12 KB 50ms
42ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt05cc6664c83aa266/64ff3471fc70f516eed01eb7/theme1_social_facebook.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

22218337c55d27a42af965c63083f57bd788527e912563296f87ac580e643f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 1458946
x-cache: HIT, HIT
fastly-io-info: ifsz=2803 idim=320x512 ifmt=png ofsz=11856 odim=320x512 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_social_facebook.webp
fastly-stats: io=1
content-length: 11856
x-request-id: cd4bc6cfeda34407d39ea786b078c134
x-served-by: cache-ams21056-AMS, cache-fra-etou8220047-FRA
x-runtime: 58ms
server: contentstack
x-timer: S1707703707.218936,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "WhrH4q9THSqhVqnrLDcXvhMj3MMiC0EM1lZL74X7o9w"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 2

GET
H2 200 theme1_social_youtube.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt91b03405d6eadc5a/64ff34a07825b0d3bea3814c/ 30 KB
31 KB 134ms
126ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt91b03405d6eadc5a/64ff34a07825b0d3bea3814c/theme1_social_youtube.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

eedebba38c7fc993a73d4e6ba0509c93302508e01a150712fb6c4961e39b0173

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
age: 1811284
x-cache: HIT, HIT
fastly-io-info: ifsz=5852 idim=576x512 ifmt=png ofsz=31216 odim=576x512 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_social_youtube.webp
fastly-stats: io=1
content-length: 31216
x-request-id: 9535025825cafba06fc20508d66331f4
x-served-by: cache-ams12738-AMS, cache-fra-etou8220047-FRA
x-runtime: 58ms
server: contentstack
x-timer: S1707703707.254321,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "kEveyE+k43+A+MEbXEQY9q/8/+O1kCG34O3wbjN0znI"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2912, 2

GET
H2 200 theme1_rss.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltae21773b6f9354c1/64ff317057209e07e2a31d5d/ 114 B
388 B 136ms
129ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltae21773b6f9354c1/64ff317057209e07e2a31d5d/theme1_rss.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0979491b75180cab7411a7246f28928cf7f2cd4c0651fed7817277402a91548b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 2624955
x-cache: HIT, HIT
fastly-io-info: ifsz=825 idim=25x25 ifmt=png ofsz=114 odim=25x25 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_rss.webp
fastly-stats: io=1
content-length: 114
x-request-id: 654dca2a58a593fddb90f2e0968c58f5
x-served-by: cache-ams21024-AMS, cache-fra-etou8220047-FRA
x-runtime: 50ms
server: contentstack
x-timer: S1707703707.254314,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "8twn/MBrZ2v/LacEiOAQwejmP2pNM92CoVJd/P3MGew"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 8, 2

GET
H2 200 theme1_google-news.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt95afce1ecfe90dd3/65255e51a7541f6cf8ae01a6/ 29 KB
30 KB 97ms
90ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt95afce1ecfe90dd3/65255e51a7541f6cf8ae01a6/theme1_google-news.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

4bd71774eb01d573b4113342fe0cb2a41936397f84c3fc34c9c882e2b3b3429f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img08-europe-west2
age: 2780701
x-cache: HIT, HIT
fastly-io-info: ifsz=5500 idim=512x512 ifmt=png ofsz=29750 odim=512x512 ofmt=webp
filename1: custom
content-disposition: inline; filename=theme1_google-news.webp
fastly-stats: io=1
content-length: 29750
x-request-id: 72ac2c05e3de27f708c65e48a40076e8
x-served-by: cache-ams21045-AMS, cache-fra-etou8220047-FRA
x-runtime: 118ms
server: contentstack
x-timer: S1707703707.254319,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
etag: "7A9I6n2lXuT2CMUrSw9DhvmKK+oFq+DhPfxAVsaiH4k"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 17, 2

GET
H2 200 InformaTechBTYB_240x60.webp
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte88e1a0b459f2cef/6500460020e2ed10ea731cb1/ 872 B
1 KB 102ms
96ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte88e1a0b459f2cef/6500460020e2ed10ea731cb1/InformaTechBTYB_240x60.webp?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

200c589c5db0e61dd50da9365b725beffcd9783757123cbe2df46349c64a4d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img04-europe-west2
age: 1660717
x-cache: HIT, HIT
fastly-io-info: ifsz=3188 idim=240x60 ifmt=webp ofsz=872 odim=240x60 ofmt=webp
filename1: custom
content-disposition: inline; filename=InformaTechBTYB_240x60.webp
fastly-stats: io=1
content-length: 872
x-request-id: f343d3c5e8a293e7bdffb965a21645d9
x-served-by: cache-ams21031-AMS, cache-fra-etou8220047-FRA
x-runtime: 111ms
server: contentstack
x-timer: S1707703707.254286,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "4vpeeVf7qjrsaKFaHTmUJk0BUM6X9V2UTYeEHtL636Y"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 2

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 150ms
58ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 854148aaba3030db-FRA
access-control-allow-headers: Content-Type

GET
H2 200 manifest-417A5CCB.js Show response
www.darkreading.com/build/ 34 KB
3 KB 39ms
39ms Script
application/javascript 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-417A5CCB.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bb78faa89e760f69ebbe66e63b725bd3dbcdf272cb3cc47e8c33e33bccf81c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:30 GMT
server: cloudflare
age: 397888
etag: W/"8764-18d7eb3d050"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 854148aa2c26453a-TXL

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 48ms
48ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 80348
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148ab4e2b92ab-FRA

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

188ms
72ms

Fetch
text/html

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

date: Mon, 12 Feb 2024 02:08:27 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Mon, 12 Feb 2024 02:38:27 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
351 KB 134ms
43ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e0af726104097ed87e737a3b076972c5450647838230237747f6db729ab4c91d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: ndMhsjbvYQtL7bByTvqpzznel_GfQb5m
content-encoding: gzip
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
date: Sun, 11 Feb 2024 09:06:40 GMT
last-modified: Mon, 05 Feb 2024 05:38:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61320
x-amz-server-side-encryption: AES256
etag: W/"0a73a334832b8093b4bc7f07b8721d3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: j-8j-0n0cppaK6h5LD6kMuZtZfgXHgLwYB-r7pgtfskVr0Z2zDbE_Q==

GET
H2 200 fortinet_John_Crowe_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte5fc9e97fb9459d5/65c3e51627bb1e040abf54e0/ 2 KB
2 KB 40ms
40ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte5fc9e97fb9459d5/65c3e51627bb1e040abf54e0/fortinet_John_Crowe_Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

69512a49f7373018954eacad7f2c6c98af8a56fc43bf833f1358ef6994011975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img08-europe-west2
age: 366724
x-cache: HIT, HIT
fastly-io-info: ifsz=3598302 idim=4928x3264 ifmt=jpeg ofsz=1680 odim=700x464 ofmt=webp
filename1: custom
content-disposition: inline; filename=fortinet_John_Crowe_Alamy.webp
fastly-stats: io=1
content-length: 1680
x-request-id: 3fa14bda332ed38341b819463c9fddf3
x-served-by: cache-ams21031-AMS, cache-fra-etou8220047-FRA
x-runtime: 60ms
server: contentstack
x-timer: S1707703708.563069,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "LI+PNDhF6W/5uX5ur1iEWkDMlHigWml3u6JarFP7S+U"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/ 436 KB
137 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:07:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43260
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139610
x-xss-protection: 0
server: cafe
etag: 16226629560626727405
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 10 Feb 2025 14:07:27 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 39ms
38ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 2340246
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-etou8220047-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1707703708.583535,VS0,VE0
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4431, 2

GET
H2 200 typhoon-nasa.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9d6bed252cf89453/65c40ffd202994040a541085/ 43 KB
43 KB 44ms
44ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9d6bed252cf89453/65c40ffd202994040a541085/typhoon-nasa.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

918518226de8991af6e377f647275cced476af2788acbbd5809df12179cf1e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 355741
x-cache: HIT, HIT
fastly-io-info: ifsz=961223 idim=1800x1013 ifmt=jpeg ofsz=44188 odim=700x394 ofmt=webp
filename1: custom
content-disposition: inline; filename=typhoon-nasa.webp
fastly-stats: io=1
content-length: 44188
x-request-id: 455af5cd04eaf49d57a45d0fa5023d02
x-served-by: cache-ams12779-AMS, cache-fra-etou8220047-FRA
x-runtime: 57ms
server: contentstack
x-timer: S1707703708.583964,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "f77fMISIaIp4usnBTm6NXxKyCBlEx9tluyF+bT633qs"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 27, 1

GET
H2 200 back_door_Medicimage_Education_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt1dcc628acac13009/65c691d56bbc7a040a359ab3/ 83 KB
84 KB 43ms
43ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

012c3d2cd8e098576818256dc0d320836b2c8625d959ffb45b16813d40d96c8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 191429
x-cache: HIT, HIT
fastly-io-info: ifsz=903334 idim=5059x3360 ifmt=jpeg ofsz=85150 odim=850x565 ofmt=webp
filename1: custom
content-disposition: inline; filename=back_door_Medicimage_Education_Alamy.webp
fastly-stats: io=1
content-length: 85150
x-request-id: 45bbc683d7b268d301791e0a435b6aa3
x-served-by: cache-ams12744-AMS, cache-fra-etou8220047-FRA
x-runtime: 59ms
server: contentstack
x-timer: S1707703708.584502,VS0,VE3
x-contentstack-organization: blt5948195ac13977b0
etag: "M4YOFB2J/CH4ByqU6RNnM/DdirHZ8q2WrzlpxUtoK5w"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 linux_Fauzi_Muda_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7f1f0602497ff145/65c3f23a1b0eaa040abe4106/ 19 KB
19 KB 43ms
43ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7f1f0602497ff145/65c3f23a1b0eaa040abe4106/linux_Fauzi_Muda_shutterstock.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

cbfada5d682f7235b9a0617756a8b2f0e0ae7e8c16098e3f8a4354e6b73b3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img01-europe-west2
age: 363361
x-cache: HIT, HIT
fastly-io-info: ifsz=5812096 idim=4096x2730 ifmt=jpeg ofsz=19156 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=linux_Fauzi_Muda_shutterstock.webp
fastly-stats: io=1
content-length: 19156
x-request-id: 7135089a3be138890e6ee0fb694b47a7
x-served-by: cache-ams12738-AMS, cache-fra-etou8220047-FRA
x-runtime: 64ms
server: contentstack
x-timer: S1707703708.584936,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "RxCcLi3DflflJ+h9qyuiTy3h5GareqhG1PaVvrz+dK4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 BeckyB.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/ 4 KB
4 KB 79ms
79ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt7cc305604c75fd2c/64f1538c8762bf882d6b8d9b/BeckyB.jpg?width=100&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

d42436ec5ade9d6f007e2c60ad82f43aa745903f6938d6ede9a7548f9ab77ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img03-europe-west2
age: 2002733
x-cache: HIT, HIT
fastly-io-info: ifsz=89014 idim=641x796 ifmt=jpeg ofsz=3806 odim=100x124 ofmt=webp
filename1: custom
content-disposition: inline; filename=BeckyB.webp
fastly-stats: io=1
content-length: 3806
x-request-id: 8a37c490bdc78f76d69c070efe29df9d
x-served-by: cache-ams12741-AMS, cache-fra-etou8220047-FRA
x-runtime: 110ms
server: contentstack
x-timer: S1707703708.586243,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "k+W3/RShryqpKjgv5xC+tzuWQ1U8JR2kpZ25yfVtbU4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 58ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a2a80609d491ea6698ab4f7a734006cd536d7d9fbbd8591e656b76e4c8715409

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 12 Feb 2024 02:08:27 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
6 KB 189ms
189ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: JCj5oZWwFy6f5XDT3S5o29v61M74KIOI
content-encoding: gzip
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
date: Sun, 11 Feb 2024 09:01:12 GMT
last-modified: Wed, 13 Dec 2023 10:06:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 61957
x-amz-server-side-encryption: AES256
etag: W/"70f51402b25ef5848b8c59b06c3efb78"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: VSUygWolfNhsPu0T7Df5U3QywszUwIda-KHwceKGqcdFxN01U6Q4KQ==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 153ms
44ms Script
application/x-javascript 2600:9000:2646:3800:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:3800:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 07:29:25 GMT
content-encoding: gzip
via: 1.1 97e94c27c00c2a3986c6b205fc51001e.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 67142
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: XGdawoxkQZQzQ7WTC74gCLEjCk3XL2qH2imXdvuydlZTd4BF7lvNWg==
expires: Mon, 12 Feb 2024 07:29:25 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 458 B
706 B 159ms
55ms Script
application/javascript 2606:4700:4400::ac40:944b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:944b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6a1a2699f8213c5a0f49c739978c3346cd387de462fa18e442fa9c4ed73b6f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 6387
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 854148ad48e871d3-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 13 KB
6 KB 176ms
68ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

0f4dd99d8859aaa259cffb42ed92bc3963674d13bcbc5b758a11a4a1adf0bd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 12 Feb 2024 02:08:27 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/c276dbcc7be06243195653e5e041bba2
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 0WyoRRaiDu9jmZ1_Nqbgh5edS3lA9qtWz97FV1zEvdD8fgtHjAuGFg==

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 58ms
58ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 62744
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361060ce-b01e-003a-5c53-1423fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148acb9be91cf-FRA
expires: Tue, 13 Feb 2024 02:08:27 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 98ms
97ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 37125
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8bb80f27-d01e-0013-6e71-141d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148ad3a3e91cf-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 47ms
46ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 664
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2f2e397c-701e-0068-1a77-145f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148ad3a3f91cf-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 48ms
47ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 37125
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 84c7e417-801e-0098-36b2-1219e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 854148ad3a4091cf-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 134ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je4270v873922772z8891172384za200&_p=1707703707092&_gaz=1&gcd=13l3l3l3l3&npa=1&dma_cps=sypham&dma=1&cid=562426565.1707703708&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dr=&dt=MacOS%20Targeted%20by%20New%20Backdoor%20Linked%20to%20ALPHV%20Ransomware&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&sid=1707703707&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Feb%2009%2C%202024&ep.content_buyer_journey=value%20not%20set&ep.content_id=blte5ec7a606998fc89&ep.content_title=MacOS%20Targeted%20by%20New%20Backdoor%20Linked%20to%20ALPHV%20Ransomware&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Becky%20Bracken&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Threat%20Intelligence&ep.content_additional_topics=Vulnerabilities%20%26%20Threats&ep.gtm_container_detail=SCM%7Cv2%7C98&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_program=value%20not%20set&ep.content_group=Threat%20Intelligence&tfd=4795
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 159ms
55ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=562426565.1707703708&gtm=45je4270v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 151ms
49ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=562426565.1707703708&gtm=45je4270v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l3&npa=1&z=1465000246

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 169ms
46ms Script
application/javascript 108.138.26.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-47.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 12553189
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: phiaNySGDzVXBJX90Mzb4BcpeRkFFDPlpACwrRyg0PbYZFsPrXBixQ==

GET
H2 200 modules.8414bbb3c65a3c228a5a.js Show response
script.hotjar.com/ 218 KB
55 KB 160ms
48ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:50:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 28b0f9ae51406f70504a784d296a3a48.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 220701
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55350
last-modified: Fri, 09 Feb 2024 12:49:54 GMT
etag: "a7ea8f13d71da1eabb486d86cde54573"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: MK-sgkgpdQixLLmc7fXPSwFjUOM6oD9FOC3RGryOQALAcJYhwUzptQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 388ms
123ms Image
image/gif 52.71.60.78
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&u=iVTesBbZXmjBi8pay&d=darkreading.com&g=53678&g0=Threat%20Intelligence&g1=Becky%20Bracken&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3752&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&b=4862&t=Bjl9fGNmTCADSeOvUCvG4qfCoYIgC&V=143&i=MacOS%20Targeted%20by%20New%20Backdoor%20Linked%20to%20ALPHV%20Ransomware&tz=-60&sn=1&sv=BSt5-JnT6AXDM-6YpDcLcpjDfAB4w&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.60.78 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-60-78.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 12 Feb 2024 02:08:28 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 49ms
49ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 68783
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 286fded7-101e-008a-2bbf-216232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 854148ae4ec392ab-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 92ms
92ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 12 Feb 2024 02:08:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 70342
x-ms-lease-status: unlocked
last-modified: Fri, 09 Feb 2024 19:39:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b75a6a86-301e-008d-64d5-5b0e51000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 854148ae4ec592ab-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 257ms
167ms Fetch
binary/octet-stream 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Mon, 12 Feb 2024 02:08:29 GMT
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: g9pkUfr9Q3T16x6gMy5My06AXUbOwYy_zGwUdFAWim_6viiz_ZoyiA==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 42ms
42ms Script
application/javascript 18.245.86.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-23.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 9ed190c9d6b2f812d19cbb317856ed88.cloudfront.net (CloudFront)
date: Sun, 11 Feb 2024 07:32:11 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 66977
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 3KBTzg7ZyKJNmdPqEQ7gOXI3B1pnn13sGn11s02lEJLTF1IfFch16A==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 149ms
45ms Script
application/javascript 13.32.99.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-89.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Thu, 30 Nov 2023 18:02:14 GMT
Content-Encoding: gzip
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
Age: 6336374
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: Wh2QyE0LNU8csoW0QqBD84xFpRE1__lmkAIU9k1M3lyonABj7_hMLQ==

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 81ms
80ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a01:e18d:a0de:5092:6397
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a01:e18d:a0de:5092:6397 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

62fb6c87e8448130e66c33bbbca41904f965e19a8762cf8e56d1a806015cc76e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Mon, 12 Feb 2024 02:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: c9720d22-3e5a-4af6-a8cb-9232cde9fe60
content-length: 1780
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 194ms
61ms Preflight 2a05:d018:94a:8a01:e18d:a0de:5092:6397
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a01:e18d:a0de:5092:6397 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Mon, 12 Feb 2024 02:08:28 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 0a8b9412-c277-4287-95ba-7de2d80cac36

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 975 B
528 B 77ms
77ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708493&lmt=1707682430&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1600x4299&msz=1600x0&fws=0&ohw=0&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2266329518&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d7cd3269d20d14d0758b54fb4935b62e7001306bda7139500676e6e233f0b78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 498
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
369 B 73ms
72ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708505&lmt=1707682430&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1600x4299&msz=1600x0&fws=0&ohw=0&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2064109412&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

078654a30cc7a3286413a379ef07f990d607e667a2079877eb9d5b2b922a3314

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D154 6 KB
3 KB 194ms
46ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 02:08:28 GMT
expires: Tue, 11 Feb 2025 02:08:28 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 130ms
40ms Preflight 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1707703708526

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Mon, 12 Feb 2024 02:08:28 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
477 B 122ms
41ms Fetch
application/json 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1707703708526

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 267ms
157ms Preflight 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 854148b36d893632-FRA
content-length: 0
date: Mon, 12 Feb 2024 02:08:28 GMT
server: cloudflare

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
327 B 251ms
250ms Ping
text/plain 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 854148b45bac453a-TXL
content-length: 2

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
372 B 71ms
70ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708815&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_1v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3163609784&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d547112821cf01c76d49ad816ed07e735c4c315285ccd718805e2735d6ffe03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
372 B 75ms
74ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708819&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_2v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=801778401&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91c72aedaeddfc22374702316b6f9d305372fb36185ff72e2815b873956b06a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
367 B 72ms
71ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708822&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_3v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2688451131&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

895ae6d829bc4be97b9b88f0fe5029c0b1e0a5fb6b18fca1ad3f69dd07ba202c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 336
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
372 B 81ms
80ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708825&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_4v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1989837660&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c251e6a834ae971152670ebeb7d171e329fe395593ad146bdf1cf33f970f4235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
370 B 78ms
78ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708829&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_5v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1016483486&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

113bdd9d04f0b1380ceece879113d702ba501f4b10b7f2ace17420efd8a08de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
370 B 85ms
85ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708832&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_6v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2718966454&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af3cffdb6ce44b92694a6aa254733df3a05c47b63e9594e3731c0c79e433072b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
369 B 81ms
80ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708834&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_7v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=244923787&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73ccd8827cd65a18aa8d47c719e54fdeec976c0cad8076e8d719567600343171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 338
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
373 B 88ms
88ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708837&lmt=1707682430&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D100_8v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2004568867&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ac4eaf77722ad92f3ea16cece97f4ef5aaffc85f51297ca2adf3e527894d6519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
6 KB 97ms
96ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1707703708841&lmt=1707682430&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1036x3638&msz=1036x0&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3568718387&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84e10ff0467971fd232785574a62c062743b10c53912d3ff1828ff78e43efc31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6246
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455781038
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
372 B 84ms
84ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1707703708844&lmt=1707682430&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1036x3638&msz=1036x1&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Doop_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=4281914279&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dc39bb678141de7f5ec57fdc91c3856e4f3319ab6e092486606d706b49147b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
372 B 93ms
92ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708846&lmt=1707682430&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1036x3638&msz=1036x1&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1131225635&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c37a666f9a28b3ed03dc938372b08645b1149c362d98f2f7154d936fbd1e184

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 341
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
374 B 101ms
101ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=14&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708850&lmt=1707682430&adxs=800&adys=3887&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1036x3638&msz=1036x1&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3728273033&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88052ef26801ceabe4d6e64f2027e0add82874c98f91b034f2a2b543aba5007e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 343
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 156ms
155ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708896&lmt=1707682430&adxs=1006&adys=645&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=324x3182&msz=324x100&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D300_1v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2192439130&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c387cade8af89750606fe7b05e92cfecac3c6bf4f7356707c1923d8b7049fddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18338
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424532569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 124ms
124ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=16&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703708972&lmt=1707682430&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=1036x3638&msz=1036x50&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3D728_1v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=206257688&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc092b4388c2be9f3a8f54e9c399ee20d9d24f06267052b84a27d41ebff8fdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18151
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446632021
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 790 B
371 B 148ms
148ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=17&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1707703709001&lmt=1707682430&adxs=1156&adys=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=324x1384&msz=324x0&fws=4&ohw=1600&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dnative_vertical_1v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=921769895&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

612b970185839084c5f33d4bdba55378c11e7a1f0de82906890e4f5881fdb8cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 342
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 270ms
134ms Preflight
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&limit=4&mode=db&item_age=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 854148b66e2d65e1-FRA
content-length: 0
content-type: application/json
date: Mon, 12 Feb 2024 02:08:29 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: TACQnG6yjoEFf4g=
x-amzn-requestid: 62b5d211-54aa-4e84-a6cd-c655b813cb19
x-content-type-options: nosniff

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 4 KB
2 KB 207ms
206ms XHR
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47b7e8ee059eee244b5e1c261dabcc366f9488865df31c4432a06f833fa6a10a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjEHoaCWV1LXdlc3QtMSJGMEQCIEv1hzXPfi5uIghYT9/zqm2/7QwuExRJ+7Os20gI+qWEAiAxm3gXh6KUemvGYF4JLccEgPbqYQvzuKyWzQUMTtoG5irJBQhTEAMaDDA1NjA0MzE3MDg5OSIM1+bAitsQZ7wA/ZTLKqYF90XMNr3LTjQIuDpgg+kSTwUTiXp9lw25IAjmdjypQs7SNCIZGzOymRdtdilPkyA60VZeISGyoabrFuyYtM8fFR/3SCiKB+kobScSGAjPw5laCyDlCcP3A46A77lBQ49Lo8NpYKaHC5AA/b0iglgSifH2f8JENi2dPgEX+KrHw2c7yDnzuurP0IuhbX9xrYncgKN1Eyku+k/151xuA18SQ4VsFZXZJrQoL19FQ4z7cTVf35NuIBpuZ0/vuDFD7PwJ2FYiFdKmBmzNNRRbsep4XuazQhNJxQVxJMG44gMBLx+t7648AEmXq7wGub+AU9bTJmgXf/LSjD5T+FWdB9Ns2zXglj39szTkHiRHOsRFZbgLdPurSTlSWug3vrbMTrBe55TvzXTehuMMmV7G38AsytL+PMANXmZZCdQQGmPY9SGQ7KREOcPtauOnnjFXV7SncEYXYopRN3hXVo2LR4bRVtb7IUDMZc5FqmyWQR49PAZILOynW2nq6dXRIwV5BShcGfHC6H5qH/pLFNA72cZQeUgSA5Mab6POVsieGaFQs5VfEbtiCGV7OGX4dF38hQlRL+x7aTEVr2I54AZlEjR692fbmoBrIVe5UgpUT0fik7d3H3Z5S21rOpYQrxhFcpJaDss8Xn9CG9RFMEFAdiFYL5RN/YpbytNu3Yvl1IIIkIiefZxQ9khOBTSNUZreMJsrvjxljBAZrXLGzmISigdtusZrGnZMKufDifnchFspixSlC2GKjSlZJ2H24AEH/2yf4jGUtQRhXuFKIjtbXPJSm7MQIASO7qLv3izd13gXyulqWDYWTDqpB2PDFZmgj6vCyfUDUnA7ABNm6QDj8zEO8ML/3YHQ/K6PDVfYZzQZ+tPgsfkVTUbviB6PL5iZqoDJq2qWE+U5MJz7pa4GOt4CfxOoJFqf3k0u+BSFAUo53Ec/txEibKzAAQOkZj4P4KXc/u7ifoKtsopJRT1vz48GvY1Ylt7XJ2Q1VT2UsEJM2VNRT8CkwX2CTILbUVpEmEZDE2kG5m+HKBOgkk2HmjRTzZEOOugQxFImt3kXewa0czlnjJoXEFKFr7QU73tYhH2DSd/7X7I21SqYepw64oyr1uwBHgYuyEk7WpXun+uZ2sHYm0a5vkWIgJDNuqaz3JE2HgNAic2qN0AVS0YjQCGXqbcW4oMo01ExEkzsY13E5Bqi08nnYLf8O29fgBoP5GL1lGC93PNmCJHUgobsMcPbt2bTwGgmSfs0XpBIV4rI9MPLbbhVgg88FJT+lWb8pS9mOhLXaLT05N3QxaaiuuZ5amoYNX8sxIHG3EPpa5obU7hGieKmrrVbE546i/QYUdbC5FrWc9BjRtJA+BZFluweglzZLuuoCVOynKlJIjI=
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
x-amz-date: 20240212T020829Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJQHM7DYNS/20240212/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=b09503cf96a9d60dfa391f6fcd6e9d0afdd6ba07b1676c46e3c57f4b4c154d9b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3790
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: f04a5b21-9c7f-4c02-b589-d2dcbe5eb239
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: TACQoHjuDoEFcIQ=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate, max-age=86400, private
cf-ray: 854148b73f0465e1-FRA
x-amzn-remapped-date: Mon, 12 Feb 2024 02:08:29 GMT
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 32 KB
13 KB 101ms
101ms XHR
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3897914021114408&correlator=1625188216281679&eid=44809527%2C21065724&output=ldjh&gdfp_req=1&vrg=202402060101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=18&sfv=1-0-40&sc=1&cookie=ID%3D10e8085ab21dca6d%3AT%3D1707703708%3ART%3D1707703708%3AS%3DALNI_Mbz0dtD08wNgCgknc40j81z3s-7Uw&gpic=UID%3D00000d56328a4035%3AT%3D1707703708%3ART%3D1707703708%3AS%3DALNI_MZUvrs34pgiaxGMgPCaPeU1-70udA&abxe=1&dt=1707703709054&lmt=1707682430&adxs=1154&adys=561&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&vis=1&psz=324x37&msz=324x5&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=562426565.1707703708&ga_sid=1707703708&ga_hid=1244961317&ga_fc=true&dlt=1707703706781&idt=989&prev_scp=pos%3Dresource_v%26ptype%3Darticle%26nid%3Dblte5ec7a606998fc89%26aid%3D397355%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=630980475&frm=20&eo_id_str=ID%3D8881679e8732e897%3AT%3D1707703708%3ART%3D1707703708%3AS%3DAA-AfjYJBwKYf5z3pmd2bTSLhkrS

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49f4e0aa523021a3784c39180d6fee5a1fa5042a2fd3584910e91d7ca44d87fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13736
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138459729310
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7913 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63122102ef6a8ca6e407331c68d8928f0742a97299c17f7c80d592101518dfed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B18 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvVjL_LnmwJAFYZllbngn7r50_kmLWoNjqNCpfprKl8J86zihILMpqHNuFb1gEtcrZWOv43znZs7jqvPcL6x-SUL9Rhz5NM0SVdK1TFsdWsrwli91SZA21nApyGhD46RRyqAWAd1EU9LV2B0VYsNzAVsRcb91LRx9nV4vD5JokveQDUiQtIWGj83RiVeylwIlinFtel7z9M8WAMSe4G_x49bLWYHdVuWFC1IF46YdyMnx0J0PKmdK30HMCGMxNIOiPraimXZ_X1B2HopNis2leShPDA8LE0ZDwLwQhqAwm56u64eJiDh989BZm85WYAQWEBW_qohergb0ZOfi_8BDGSBARDYbbDRVBc6_CMAgwxngsjHsQ2kkkN-Ll4gMMYEtBu58e7-zd-lWE&sai=AMfl-YSXC6R10oueiuHi0gqUCYfGNNcuWsKdOYoQ65evv86kLPwdhL6Fy9XhJrb4ZkXH9ox64H2FYUUb8f-Aaxd_ViykKi2dbdkpiNHdkg8UegGaczKWhYuUp1D4GcsQcw&sig=Cg0ArKJSzH7HtLRzDxYGEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 4B18 3 KB
2 KB 148ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 19:34:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 19:34:11 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4B18 203 KB
62 KB 152ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 02:53:28 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 4B18 331 KB
113 KB 203ms
89ms Script
application/x-javascript 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:57:17 GMT
server: AmazonS3
x-amz-request-id: WY6CB4WF4EKW3ZMQ
etag: "25caf0929000a3e41857d170d9b1a78f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24133
accept-ranges: bytes
content-length: 115474
x-amz-id-2: /nNaPRpMubSmkr2fcwpNxpc8DKsK6EXj46wLDrFzHe24RdOUNmRfGNj9VZn2nFbvj4YBvk4Uwqg=

GET
H2 200 12178698542986515658
tpc.googlesyndication.com/simgad/ Frame 4B18 15 KB
15 KB 148ms
42ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12178698542986515658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f209ff0958e0acab57c85b5bf057710777c44c57acadb53f9d063c5f15614059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 08:30:15 GMT
date: Sat, 10 Feb 2024 08:30:15 GMT
x-content-type-options: nosniff
age: 149894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15379
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 16:41:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B18 0
0 133ms
47ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTFZr2glZNmjU23kArKKJXYca0x84JD4zn2lvmg-LoaHXzuwMsyPBj7DxlT27xWEovJHVr
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43BA 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvlxnTBnHwXPNJVprVo_fcXC1smGQsv4Ae6ixaXLdAD5ZwXVpI6VmTe5MCZWUpJ8IxNnqICp9yLPW8-9jDn7JjxhkKIwKBshrX3gDWb8Fg6rRCGn8aCs4nDzwZJdl1GYvfX21pkyXBs7S1ufs3ZJoislXbpwCdGiDSvuoOj60cSHVhLNqnk7ef7-s2-6PYChu5TxKDR8Axa3Whgj_FIUSLxv9Ckuq-g22x5G42kYIwjinkkW7XkU_-V_sSySW82wqsUpI213z8JMg5aRX2v2pXjasXAZYH1vnBGjbsQ6i5ETAYiTCM4WvZ3xzMwU5zhc3LDYNZPEb24Zyp2m2IxVsykVkRFVZx9RtyuWCOR3ovoC9rWQBST342rnPFBVIk08FFfGj7FWg&sai=AMfl-YQhwf8GcjiA7QNDe665CZc5cy0cAwBEBp4oool9qsmmjp_0Df6CU5-HOLx4XCQsauM3epLjx_82tBCRVqlTaT74_iwpXAyBnBvu0shxOxvNiUma7oPeiN4IoZKxHWA&sig=Cg0ArKJSzCA_RW5II1ONEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 43BA 3 KB
1 KB 123ms
41ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 19:34:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23658
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 19:34:11 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 43BA 203 KB
61 KB 197ms
109ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 02:53:28 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 43BA 331 KB
113 KB 306ms
216ms Script
application/x-javascript 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:57:17 GMT
server: AmazonS3
x-amz-request-id: WY6CB4WF4EKW3ZMQ
etag: "25caf0929000a3e41857d170d9b1a78f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24133
accept-ranges: bytes
content-length: 115474
x-amz-id-2: /nNaPRpMubSmkr2fcwpNxpc8DKsK6EXj46wLDrFzHe24RdOUNmRfGNj9VZn2nFbvj4YBvk4Uwqg=

GET
H2 200 11615354544233020182
tpc.googlesyndication.com/simgad/ Frame 43BA 13 KB
13 KB 160ms
79ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11615354544233020182

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f274598e02172fc31cb7b3eae2a897a9432c3fe360a49268b0672f09d6e03755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Fri, 07 Feb 2025 00:01:51 GMT
date: Thu, 08 Feb 2024 00:01:51 GMT
x-content-type-options: nosniff
age: 353198
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13663
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 08:46:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame 43BA 0
0 116ms
54ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIDkk8pYY_xhuMTmuoeuVn0CqZTVvPWoffIOE0_K35x8Xot8mjEuqdvN3yxPmVvk7plf9H
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7913 0
26 B 74ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvmx3Qb9jy9qYEEt-IC4bzhX450hSkfLVvMUR8iTxAjB6SVEoLx_2qX_4W0kZVdMdpO1lHdUkLyG7GeumJiT39aKTrjA5DWx_5rxW4HwRVME1VnGyeSQHLVQhNa4Tj5AK8qy3shfeBcPvxLO7idhzPJXPzh7-8_fKjD-aOlA9D7Hrm-NGMC4uIA_KbNebD03iUH-p81XrcjNEz7mrdLkIUMPwJ_GjgPWtshFONB20G2V79Dr7pRFoX5RN4BlTt2ywfmwgoiOu3OiPkjUtveHxq7SgH8gjkPQqTbofZ7ngeGLUxyEWpiMr6rLYdQPertjge4T_hdVYoQ7gog8gFqG9IgKMfeeGVE2Yn-p9uc3mknbhYO9LZUyFyHmaV0tk5Xdww-bxI4JJ7tSeN76JY&sai=AMfl-YSxxQTrQ2nqZMqOkM3V5ImNr456ZQ9LLg3_Fvek2LG_kxN3HqRuINfMhU9CYYl2wAYfYGpe2Fq5zI698D2XcetPBsEquO4qWoNGj_0rk4-kH7ebvlkP-jlGVd4Ngww&sig=Cg0ArKJSzNHocSrFO-KJEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7122960984839144923
tpc.googlesyndication.com/simgad/ 196 KB
196 KB 154ms
88ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7122960984839144923?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52059e12bd1f54e4b8110b74d275dcf1e9d61cad6895968f94dd25f24d36d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 19:27:33 GMT
date: Sat, 10 Feb 2024 19:27:33 GMT
x-content-type-options: nosniff
age: 110456
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200556
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 14:13:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33BF 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0bJUyYRTndHWHl6VlAxj8WhHpjzga-QZbXYvBcd6iDNLysVG4Y1Sx05-yjBc1LitsYJr5dOPru2G_yu8c9oogL6seu-TDY19gaZRSJ7vF1RRnTw8SoEOjCCygGljK6AViRIoxFpgsTn1qTsUumYz26luGEHQCQiZbjZ0cFQLMq0O8--IXa8tuaeQkOHO4z6OwzlGfuKqlgLqCm4v_XYR6886nDkFjwpY3-W-PaZNNf6t7dZbMO7yLbyhDbfK0H-YXU8kce6PTsSriNIMl711cFKghv6zHvhfHOyT9vqZkeRs9pE4GIx7yJZRFoj1EA6CwzlzE59UN-oA3Ybw2eZCcJcNEalMXsFFzgU2xg2PDaCLx-x0AJRmHOKf09wniQNoaMkFUMrlujiA&sai=AMfl-YQyoUuFbKCX_JGFI-gL9mM2kqLyCkUEppYT-YF3vC3U1t3DYKHwST6Z5J-qXMeRtKFdHX-GV-1SxpHNn1Im_4M5UtaJ1AK70obF4UkuQCySIonZLAWWq1TmsJYktQ&sig=Cg0ArKJSzBNUwMdAl4CBEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 33BF 203 KB
61 KB 192ms
133ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 901
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Feb 2024 02:53:28 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 33BF 331 KB
113 KB 321ms
261ms Script
application/x-javascript 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402060101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:57:17 GMT
server: AmazonS3
x-amz-request-id: WY6CB4WF4EKW3ZMQ
etag: "25caf0929000a3e41857d170d9b1a78f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=24133
accept-ranges: bytes
content-length: 115474
x-amz-id-2: /nNaPRpMubSmkr2fcwpNxpc8DKsK6EXj46wLDrFzHe24RdOUNmRfGNj9VZn2nFbvj4YBvk4Uwqg=

GET
DATA 200
OK truncated
/ Frame 4B18 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c0df9f74477fb4a0e7c0936d8fbf2d1b4631836f07082b0b1281e9b564a1cf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 43BA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c18f8fad325a4dab47ca188d4daa8b80d72ac9b44ac1e258b3335ed42979f20

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/b0789f8d/ Frame 33BF 14 KB
5 KB 545ms
146ms Script
application/javascript 52.87.40.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/b0789f8d/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss5cZW5PH_-T-4sf-20j6OC22gt773wyZNDdo_6_8jQqmJ41Q_lNJmU2ULtP5eJ___l4FSqE-LV2OISTfWwylAN36G0uWMd3sBWT0KxprqLhzmzbNGFaEa2E6IZuFvknA7epDHuTBS-uVXHYo7z1-a6tUMxirxYnlRw8-sXWcYiux1ZxX-5obf0-vM3cQALuCnSMbcuN4ZVYjkrw8hXQgl1rz1QTxF6jvlNK3kOyzah_Kd_LvsYbeSGnK0IToaz0OFXF_ZIaPFJlCzgaJgGZRqB0BH8C0tlNTs1YqiY1TlVngQByWfa8A8fYN9t1xjcAZRWy-d2fqm1DR5bYf8R7C5qcjwaenhPSyFZAMvTkCdexVv35Lk0Wr4nJBq1uH0ZjzC-qPJ51yE%26sai%3DAMfl-YR_R-jbSq0cVEh-DHo3owaLl_4gStXTzm_8zEB5fj9lipOgE7IxwOk0RQZxe3qRvUsDJYw8i8Ei42p-1Fiaj9DlJlJMiEu5bYNu4gJknm3G_sEA-yjNQVFefqtttQ%26sig%3DCg0ArKJSzKBb5fBtSLpGEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138459729310&externalCreativeId=138459729310&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6433455104&externalCampaignId=3282332824&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1707703709.27&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=902500965689145
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.87.40.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-87-40-170.compute-1.amazonaws.com
Software: /
Resource Hash: 24736b6f21ba737b6e34744cdf7fecf534e90e1b03a362d882efe52bf819c525

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:29 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4907
Expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4B18 0
0 153ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3YGKgqhfXq6EIOoTqlYIkjN6huzLosIF5jfeRKuNOVM-lzYKsfQoEuR2Ech1Ym2cOHfIM6oT6Ux9_RVME8r5cx9yIvZ1H2jcegE347yfaZUmXlHLzlLzRX6lwH7p14m4daQkpsJOha67wqcFQQ8zoNyljlHvEbwuS7YsHim1O4edECKZ9MWUK7Z04OjKC17MHiLvVhLtox6tBjSGJO2QkkkR5XGmZ38hKuebVzLF6FxKOF3QJWOSjVDDfXHv3TpiNfCYd5mCjVI6LN_9-_3ZgOdzzv4zNk6g7fXPYNbrIqtGtJ6ADsj1A_Q1P2cMQtW8wl60T3oxzGXMVE6bUgyxdg0ZGUK_0rdUlYxt1vH1q8RjWs79aP9CjfWVt3h4YH79g9xDezG_G6bJbxg&sai=AMfl-YTOzNt__AhZzddj5yCkAJ4ZgDOtlX6pOxEIkAX0GIJmNX9ngVynqn7wJVJCHkjtf0lfF4TQ26__gsRDmitnA91ogX2N7vpy_xIKLVTl77pVpsK0--2hVxdUTD2R3w&sig=Cg0ArKJSzDNWw7ufXm7tEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Feb 2024 02:08:29 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 43BA 0
0 112ms
74ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtgkfDf3CO_MSU-iCwo-VBbgESfxOFSrkW1hYAAEj4h5UeVESIQCAxkzWsI6zPB8xzboP4JE8emPCnwhm-n661ND350fcawoTvQkNzXOpE5zInmoXfBFtwJJjgdnhBbaYJ4iJ-ejVXpxMcDDOq0VbugYIkijJLfWoQ2JrN5i-xOnVWzTZAxddqGBciEr85Qo1RkmcPvnJavmpZ6FD6313uYtaE1H9qUxUOB6IDEgfdTPlTg2lrl2bOCMhCgp93UrusydCkUzCUiIv23dbuhv4EQRt-s-jCAUMiE_PrwTHfKU0mX8NDWGHWAU8kogYVyed6lPcAkDRLo_BknS0IBLPobMWufJ2SBss-gjkKFTwci5IRY3mFuyVlSSVY2TtctAbzLwzuR7kg&sai=AMfl-YQqCxqEI-CRVoFrInkDW2IvKQgrAnyn6WJ4Pww-DEQW5db8MwRxnL6iO0P0u2QLGxbsnUToq-2Gpzs4vYLDKadmD4Q2IJ-rl5AuME-MZXsvYbjsgahW9a07H1ts1aY&sig=Cg0ArKJSzIVr2fIChCNaEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Feb 2024 02:08:29 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 4B18 31 KB
10 KB 168ms
40ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1212024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 01:48:03 GMT
via: 1.1 google
content-encoding: br
age: 1226
x-guploader-uploadid: ABPtcPotYa-UhzQe0DIiRURBBeeZh7YJGnAmZoT-YQDyzWZ5kVXwoj8enxSi4BqJ21AsIYmnpZZ58q1Ymw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10218
last-modified: Mon, 18 Dec 2023 20:13:43 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-hash: crc32c=P2fgBQ==, md5=IwpC9BBrIFbFRmT73giztw==
x-goog-generation: 1702930423872068
content-language: en
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32241
accept-ranges: bytes
cache-id: FRA-fa985ced

GET
H2 200 n.js Show response
mb.moatads.com/ 98 B
276 B 223ms
67ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1707703709609&de=928658563285&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=2&cb=0&ym=0&cu=1707703709609&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138424532569&zMoatPS=300_1v&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A4139%3A6154%3A0%3A4247&fs=207009&na=1797104603&cs=0&callback=MoatDataJsonpRequest_15980836
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: faca980297a372fd7b1b34ce53982287f5ab1da73ff3ea7dcc8afbf7029fca6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:29 GMT
server: istio-envoy
etag: "c1bf5e7a648ed15b3d89a045826e7274c8556648"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 11
timing-allow-origin: *
content-length: 98

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 56ms
47ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1707703709609&de=928658563285&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=3&cb=0&ym=0&cu=1707703709609&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138424532569&zMoatPS=300_1v&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A4139%3A6154%3A0%3A4247&fs=207009&na=685393864&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:29 GMT

GET
DATA 200
OK truncated
/ Frame 33BF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 350680177cb97be491aa7dc9955ea6f2af3fa972dd23cf59a5fb5778e89f7aac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 155ms
73ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F12178698542986515658&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709609&de=928658563285&cu=1707703709609&m=173&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4464&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4139%3A6154%3A0%3A4247&as=0&ag=72&an=0&gf=72&gg=0&ix=72&ic=72&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=72&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=143&cd=0&ah=143&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138424532569&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=935696792&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:29 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/ Frame 33BF 574 KB
125 KB 179ms
49ms Script
application/javascript 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/web.js?v=99-c8f4c26f2a&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/b0789f8d/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss5cZW5PH_-T-4sf-20j6OC22gt773wyZNDdo_6_8jQqmJ41Q_lNJmU2ULtP5eJ___l4FSqE-LV2OISTfWwylAN36G0uWMd3sBWT0KxprqLhzmzbNGFaEa2E6IZuFvknA7epDHuTBS-uVXHYo7z1-a6tUMxirxYnlRw8-sXWcYiux1ZxX-5obf0-vM3cQALuCnSMbcuN4ZVYjkrw8hXQgl1rz1QTxF6jvlNK3kOyzah_Kd_LvsYbeSGnK0IToaz0OFXF_ZIaPFJlCzgaJgGZRqB0BH8C0tlNTs1YqiY1TlVngQByWfa8A8fYN9t1xjcAZRWy-d2fqm1DR5bYf8R7C5qcjwaenhPSyFZAMvTkCdexVv35Lk0Wr4nJBq1uH0ZjzC-qPJ51yE%26sai%3DAMfl-YR_R-jbSq0cVEh-DHo3owaLl_4gStXTzm_8zEB5fj9lipOgE7IxwOk0RQZxe3qRvUsDJYw8i8Ei42p-1Fiaj9DlJlJMiEu5bYNu4gJknm3G_sEA-yjNQVFefqtttQ%26sig%3DCg0ArKJSzKBb5fBtSLpGEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138459729310&externalCreativeId=138459729310&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6433455104&externalCampaignId=3282332824&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1707703709.27&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=902500965689145
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: b14a50559fa182032e50fc1c718e0cb65b4886ed59c8e24e1006d27b3c4fc953

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 07:21:54 GMT
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 413196
x-cache: Hit from cloudfront
content-length: 127320
server: Apache
etag: "a3e735eaf198ccbb782edc6c299856b2910c107e5c3a813e3e5b88378457be58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
x-amz-cf-id: pdXH30JhUa7H9CPuSM5nwyCCrjIeqpTQEUImPQWrP6dvOSwFPntQCA==

GET
DATA 200
OK truncated
/ Frame 33BF 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 2c4a385c-1537-4416-8fef-4f9fcf747958
https://www.darkreading.com/ Frame 33BF 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/2c4a385c-1537-4416-8fef-4f9fcf747958
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 4B18 62 B
254 B 64ms
61ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&pv=1707703709857_akyhu8d5k&bl=en-us&cb=3012334&return=&ht=&d=&dc=&si=1707703709857_akyhu8d5k&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1212024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:29 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 4B18 20 B
482 B 574ms
187ms Script
application/javascript 52.86.147.206
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1212024&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1212024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.147.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-147-206.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Mon, 12 Feb 2024 02:08:30 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Tue, 13 Feb 2024 02:08:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1707703709812&de=387386269443&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=7&cb=0&ym=0&cu=1707703709812&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A4139%3A6154%3A0%3A4247&fs=207009&na=1781863471&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 142ms
142ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11615354544233020182&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=12&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4464&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A4139%3A6154%3A0%3A4247&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=488589263&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 54ms
54ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1707703709841&de=9952837343&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=11&cb=0&ym=0&cu=1707703709841&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&zMoatPS=resource_v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&bo=22316126855&bp=22339890152&bd=resource_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A4139%3A6154%3A0%3A4247&fs=207009&na=818357123&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 33BF 0
0 73ms
73ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGethXEEUwoiMn0H8z1q0_ghCmMJb3HQ3_P5LSACtSUMLAHrlXeFYq51kMXIblHsmLMIfd-H9AaA_bFKUZ_rP462vSQseUw84mmc8UNsrtajUu8-u6xQLktkBwHSnnTpdYBvg0cpkFOYNkytpw4cxXxZrOBMAKov5g57xUuGfCznRnIXj2mQppcIn-NazAAbvtkF-N6cxn7C121dIPnp_8D7q8HBouD5U2mcog7MXDLeBp0qwwOrB9hyUK08IrdllUB8KmBfmv-rrA1WpDh_ZiotNwBUY9e18ka8w1Nk8c3QhqujCCtMtABSuwbK36NOQJicHrgL5LHPf06NlhEmCz0wyHRlKObXTpUuFrZ_1o7v4cFk5NKS1-CqOEVDq7gxRfu_DJlEF_aFtZMw&sai=AMfl-YQzeExyJlmRz_23FiHlPjegkfhe8XGfImExQneJiLTsG-MrXnqO0OxoSVIJByo661SQLHkvueou_vgbNLYc881Nmsiki4fplctFRWyDBihWUThbJN_ZQo89Tpe8QQ&sig=Cg0ArKJSzK29mxjikjMxEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Feb 2024 02:08:30 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 509ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC4xNTEsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=884158628
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame 5FA8 16 KB
16 KB 127ms
46ms Font
application/font-woff 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()%2C-01235689%3AABCDEFGHIKLMNOPQRSTUVWZabcdefghiklmnoprstuvwxy%E2%84%A2
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:52 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 16244
x-amz-cf-id: tGeYPNqIQ_D6-9Hst9JMkoLg52IwEwVk8cIWHpovXe8IxQKpwboJAA==

GET
H2 200 57625f96-ca80-4602-9644-ec1803cb3ba3.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/ Frame 5FA8 9 KB
10 KB 123ms
50ms Font
application/font-woff 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/57625f96-ca80-4602-9644-ec1803cb3ba3.woff?subset=%20%2C-.012359FGHILMPSTUabcdefghiklmnoprstuvwxyz
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:52 GMT
via: 1.1 5c14dc328191a14142654d833f772c6c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 9604
x-amz-cf-id: -Xp3woilTWnpKI2prFC14E5M4WEdtQFyCQ6WwRLxQqFjN8PEB6c1xw==

GET
H2 200 forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png
cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/ Frame 5FA8 104 KB
105 KB 43ms
42ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:34:34 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3342835
etag: "2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 106643
x-amz-cf-id: At_RmDkdSS7cD1x6ZJWT-FdPyqrgnspeXzOFkd4cqd-tLknAfw9-ZA==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame 5FA8 2 KB
3 KB 60ms
60ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 2417
x-amz-cf-id: NdtVO92UF8ZQ0exfiwDvNujHGtRF5VeTjajOKkxvEVfSTuk6sfTmNg==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame 5FA8 1016 B
1 KB 60ms
60ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1016
x-amz-cf-id: MkBFZjfOyJHB5T-_Hcs3WPEoivBQITXueSG8d7cAR4fa628veyuhUQ==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame 5FA8 1 KB
2 KB 61ms
61ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543096
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1504
x-amz-cf-id: actmwykKZZ3O-fe-jKUa-Xa1VCmVwaks6YS2jUNJ38zOZhrsksUV-A==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame 5FA8 830 B
1 KB 61ms
61ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543096
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 830
x-amz-cf-id: ZSbiXEr7m1a7Xi7TX8zzd98IPXKyOXtJhUjjajwUcdfI-FSyVxaWGg==

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame 5FA8 737 B
1 KB 62ms
62ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:46 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381324
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 99023
accept-ranges: bytes
x-amz-cf-id: aSCOlwGRG9eg86cLA4blDKUHg8-nv8Itkba6LaPdjb8B8jlJu0Aa1Q==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame 5FA8 740 B
1 KB 61ms
61ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381323
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 754705
accept-ranges: bytes
x-amz-cf-id: YWBGh7NgSSfOrsnxYzV6lu2dUTNrI5Yba4uBhnZ_PxPgK-uCe89UBg==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame 5FA8 1 KB
1 KB 61ms
59ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
age: 11381323
x-cache: Hit from cloudfront
server: Apache
etag: W/"06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1247174
x-amz-cf-id: D8H_2KUXjqUsLiF1ug34blJudwXuMunEWZ9dxPrUdmN8Tjt3XbAQiw==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame 5FA8 1 KB
1 KB 62ms
59ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
content-encoding: gzip
x-amz-cf-pop: FRA56-P5
age: 11381323
x-cache: Hit from cloudfront
server: Apache
etag: W/"89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1051131
x-amz-cf-id: 2cN9eWms9oGFqGEKFQs-nxHF0vNhmVw7Oe7rBq6vYeU5FYdSmvVQ9A==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame 5FA8 802 B
1 KB 62ms
60ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:48 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381322
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1870107
accept-ranges: bytes
x-amz-cf-id: k_2mJx8rFqtPHaHUtAmgd2We66G6rjBQXYT0CtjBuZMQJr3U2X75oA==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame 5FA8 805 B
1 KB 73ms
71ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:48 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381322
x-cache: Hit from cloudfront
content-length: 805
server: Apache
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1968122
accept-ranges: bytes
x-amz-cf-id: qF7acjLU_7q5E7t46Y6yKK2JNm4sgUP7JgJ29n5jlnTWkMKMjBG4pw==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame 5FA8 1 KB
1 KB 75ms
74ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 09 Dec 2023 05:42:54 GMT
content-encoding: br
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 5603136
etag: W/"2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: PKPev7j4sZYyipADu0r5bvWHXhPPfGA0Qco3MsOqKvRAONiLIiVejQ==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame 5FA8 704 B
1 KB 76ms
75ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 27 Dec 2023 04:02:36 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 4053954
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 704
x-amz-cf-id: KAre6TM91eBqFmXzs3EKn5PZeEO62oBefPO4mLtUKGtY5gTgwU1Llw==

GET
H2 200 Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png
cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/ Frame 5FA8 10 KB
10 KB 76ms
76ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:46:36 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11377314
x-cache: Hit from cloudfront
content-length: 9750
server: Apache
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 495028
accept-ranges: bytes
x-amz-cf-id: mcEcMfjGLt1SYv1ue72rcnI_hGjB9eoqZdJ7LNMFnf6p72_31NZU0Q==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 421ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC4xNTksInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMS4wLjYxNjcuMTYwIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjp0cnVlLCJhbGxvd05vbk5hdGl2ZVJBRkZvclZpZXdhYmxlVGltZVVzZWQiOmZhbHNlLCJjbGllbnRUaW1lWm9uZU9mZnNldEluTWludXRlcyI6LTYwLCJzdXBwb3J0c0NvbnRhaW5lclZpZXdhYmlsaXR5Ijp0cnVlLCJzdXBwb3J0c0NvbnRhaW5lckluaXRpYWxWaWV3YWJpbGl0eSI6dHJ1ZSwidGFnUGFyZW50V2lkdGgiOjAsInRhZ1BhcmVudEhlaWdodCI6MCwiYW1wRGV0ZWN0ZWQiOmZhbHNlLCJhbXBOZXN0aW5nTGV2ZWwiOiIiLCJzYWZlRnJhbWVEZXRlY3RlZCI6ZmFsc2UsImZldGNoU3VwcG9ydGVkIjp0cnVlLCJhc2FwRW5hYmxlZCI6bnVsbCwibmF0aXZlUHJvbWlzZXNTdXBwb3J0ZWQiOnRydWUsImJlYWNvblN1cHBvcnRlZCI6dHJ1ZSwiSW50ZXJzZWN0aW9uT2JzZXJ2ZXJTdXBwb3J0ZWQiOnRydWUsImlzTXV0YXRpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwid2ViVmlldyI6bnVsbCwiaXNXaW5kb3dPcGVuTmF0aXZlIjp0cnVlLCJwcm90b0xvYWRpbmciOnsiZGF0YUxvYWRTdGF0dXMiOiJzdXBwb3J0ZWQiLCJibG9iTG9hZFN0YXR1cyI6InN1cHBvcnRlZCJ9LCJ0b3BXaW5kb3dMb2NhdGlvbiI6Imh0dHBzOi8vd3d3LmRhcmtyZWFkaW5nLmNvbSIsInRvcFdpbmRvd0xvY2F0aW9uTGVuZ3RoIjoyNywibmFtZSI6ImVudmlyb25tZW50SW5mbyJ9LHsic2Vzc2lvbklkIjoiczE3MDc3MDM3MDl4M2FkNjE0YTQxZjhlNjJ4NDU3MDc0NjAiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6Ijc2Nzg5NDg3NTEwMzUxNTciLCJpbmRleCI6MiwiY2xpZW50VGltZXN0YW1wIjoxNzA3NzAzNzEwLjM2MSwibmFtZSI6ImFnZ3JlZ2F0b3IiLCJtZXRyaWMiOiJtb25vdHlwZVVzYWdlUmVwb3J0ZWQiLCJ2YWx1ZSI6MSwiY3VzdG9tRGltZW5zaW9ucyI6eyJtb25vdHlwZVByb2plY3RJZCI6ImM0NmVkMDkwLTM2NzEtNDE2My1hODViLWIwNmI0MDM4YWUzOCIsImNyZWF0aXZlSWQiOiJjZjE3NWJjZCJ9fV19?crc32c=2274451089
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame 5FA8 737 B
1 KB 48ms
44ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:46 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381324
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 99023
accept-ranges: bytes
x-amz-cf-id: nhdt-RCslNNsxlHhqr16ZO3lubUHOgamHY450K85zeUV4Ue1pguy2Q==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame 5FA8 740 B
1 KB 49ms
44ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381323
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 754705
accept-ranges: bytes
x-amz-cf-id: NS1YzUglO_S494u6cQRLIMrgmuw_Sll2UFWnwwoUFwZDUEDb8jZ5Yw==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame 5FA8 1 KB
1 KB 49ms
44ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:02:10 GMT
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3384380
etag: W/"06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: TvS5KGiC7SO5OsV6kjW8djWHCQVV5Z5OF91of2KUpXP8A_FOn_DuNg==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame 5FA8 1 KB
1 KB 49ms
45ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 22:36:02 GMT
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 1481548
etag: W/"89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: rAv0IMpTK-wQGIJ6LsPdtCzO2LlNpvM1YyxJJ3tB4_AvCEVrpjbOwA==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame 5FA8 802 B
1 KB 49ms
45ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:48 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11381322
x-cache: Hit from cloudfront
content-length: 802
server: Apache
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1870107
accept-ranges: bytes
x-amz-cf-id: A4nyo-aodr-8uWsbfAVFP2wPS1S1bOTSiewfCZ6FRVFXbcHAmLxmxg==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame 5FA8 805 B
1 KB 49ms
45ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:26:04 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 5805746
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 805
x-amz-cf-id: AX1vjrnB8ltZDwdPZlQiZKtuX1jmucp3yO_59KOF7D12XzGv9TWTuQ==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame 5FA8 1 KB
1 KB 49ms
46ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:43:54 GMT
content-encoding: gzip
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 1448676
etag: W/"2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: buS-ASdfLtOAH5KQHyAhiSZjhpKMYlv9lQnMVud9F9cU0eEN9Odo8A==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame 5FA8 704 B
1 KB 50ms
46ms Image
image/svg+xml 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:26 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 2913304
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 704
x-amz-cf-id: UmDYEqpk0R1N5eZSxpNR6eDpCKAuzF30mJJbkyh_pQH0KD7jB5gGHw==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 09:46:36 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 11377314
x-cache: Hit from cloudfront
content-length: 9750
server: Apache
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 495028
accept-ranges: bytes
x-amz-cf-id: 8TxFs6TREbH6YZ0jgsOlEfwy21SEtNh4K3YH-Nw-i-4ZkDwcW818Ag==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 09:34:34 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3342835
etag: "2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 106643
x-amz-cf-id: JWqirojWUDTydFEHdsZz8uUaTBkEb7WBe96M45MxRHGEc1m9C3Qsiw==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame 5FA8 2 KB
3 KB 50ms
48ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 2417
x-amz-cf-id: YJjdyeg8O1pbFj93iDQw2f8ZnXPZ-fulFM5pPDkGsO1Lly7FecD_OA==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame 5FA8 1016 B
1 KB 47ms
46ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543097
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1016
x-amz-cf-id: hGKlkU4V-9IG1sdlwlSqx2Eb66LHy5-U6nzvO0RPuDLD1KXYjYRWnQ==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame 5FA8 1 KB
2 KB 52ms
50ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543096
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1504
x-amz-cf-id: eu600-HI0PnLgDXdtzQfbMnvh5TJS6I3JgM__tMY9xuwGV1aa9T-oA==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame 5FA8 830 B
1 KB 52ms
51ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543096
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 830
x-amz-cf-id: UbcTSI47ZhSOt5X5mYqdFqjIN_thaVRBnChYGB6ScdAoP1UnGS_lew==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 370ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC4zNywibmFtZSI6ImNyZWF0aXZlTG9hZGVkIiwidmlld2FiaWxpdHkwME1lYXN1cmFibGUiOnRydWUsInZpZXdhYmlsaXR5NTAxTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6dHJ1ZSwiY2RuVmFyaWFudCI6Im5vbmUifSx7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjQsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC4zOTMsIm5hbWUiOiJ2aWV3cG9ydFBsYWNlbWVudEdlb21ldHJ5IiwicGFnZURpbWVuc2lvbnMiOnsiaGVpZ2h0Ijo1MTQ0LCJ3aWR0aCI6MTYwMH0sInZpZXdwb3J0UG9zaXRpb25SZWN0Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsImxlZnQiOjAsInRvcCI6MH0sImZpcnN0UGxhY2VtZW50UG9zaXRpb25SZWN0Ijp7ImxlZnQiOjEwMDYsInRvcCI6NTk3LjQ4NDM3NSwid2lkdGgiOjMwMCwiaGVpZ2h0Ijo2ODV9fSx7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC4zOTUsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC40MDksInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjpudWxsLCJzY3JlZW5Mb2NhbElkIjozODA0NSwic2NyZWVuVGl0bGUiOiJSZXNvdXJjZXMiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNzA3NzAzNzEwLjQwOSwibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTcwNzcwMzcwOXgzYWQ2MTRhNDFmOGU2Mng0NTcwNzQ2MCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiNzY3ODk0ODc1MTAzNTE1NyIsImluZGV4Ijo3LCJjbGllbnRUaW1lc3RhbXAiOjE3MDc3MDM3MTAuNDA5LCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCJ9XX0=?crc32c=421548910
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 iMac.png
cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/ Frame 5FA8 277 KB
278 KB 41ms
40ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/iMac.png?transform=crush&quality=256
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:56 GMT
via: 1.1 0a624670dff351af866d2f19bde4a312.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: FRA56-P5
age: 3543093
etag: "3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 283662
x-amz-cf-id: _aFwBlgmp7F_WVkWOfduw3Filna1IYdCQZlDaZGqIz2-a91dNl8WCg==

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 369ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMC40NDksIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNzA3NzAzNzEwLjM5NywidG8iOjE3MDc3MDM3MTAuMzk3fV19?crc32c=1776781151
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:30 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 43BA 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst7n1awleVSTYdirDxLRW2EU3KDXwLqHKCJ630xe6qGRkleT3Jg6vkBe0zPANNyNy09Zg9LZfsmSTL3ARBCZH7NjmLiKej_tN4sNTmGob95g1fSX7_8Daa9iVTpzMfFH6rgwLZIoG4kK-MYUBbHjK091cjeWPqzqU&sig=Cg0ArKJSzBrGVsknxKLrEAE&id=lidar2&mcvt=1001&p=249,436,339,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20240208&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=206257688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=363650900&rst=1707703709216&rpt=352&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-spa-1.251.1.min.js Show response
js-agent.newrelic.com/ 87 KB
29 KB 150ms
39ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.251.1.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fe207926e03dd9e07087abcac51ac5490aa57a7bda3b6e5fcfe4baec4953d4a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id: OhDO3B1C4AxTz_s5RAKQ44ag5.sMIaKK
content-encoding: br
via: 1.1 varnish
date: Mon, 12 Feb 2024 02:08:30 GMT
strict-transport-security: max-age=300
x-amz-request-id: TKJ1C97R5EEAE08M
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29260
x-amz-id-2: Isa2l88PjWllpPLCmIcGPUfc/H1PhEGoTWfGGekky0DMtjrBA8bEf3c8pExeqH0ZcV1EV0Y40Cs=
x-served-by: cache-fra-etou8220053-FRA
last-modified: Mon, 29 Jan 2024 21:25:17 GMT
server: AmazonS3
x-timer: S1707703711.963385,VS0,VE0
etag: "74bb5562421fc11ec1e50cd70dd234d5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 649116

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 57ms
56ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402060101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f94a77eca12c33063ad16824ec84f54445c5c3f79e37e7740dc98e169b92077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12270
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
38 B 66ms
31ms XHR
text/plain 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-9dadce5ff1b6ff43----1707703710864
traceparent: 00-0fc843b7221828531bdfb9eeed1fb016-9dadce5ff1b6ff43-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiOWRhZGNlNWZmMWI2ZmY0MyIsInRyIjoiMGZjODQzYjcyMjE4Mjg1MzFiZGZiOWVlZWQxZmIwMTYiLCJ0aSI6MTcwNzcwMzcxMDg2NCwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Response headers

date: Mon, 12 Feb 2024 02:08:30 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 854148c11e7b453a-TXL

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
120 B 63ms
59ms XHR
text/plain 104.18.109.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.109.47 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-11ee6743de0e4417----1707703710869
traceparent: 00-be97ace458604856a915ad2c4d12ff4f-11ee6743de0e4417-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiMTFlZTY3NDNkZTBlNDQxNyIsInRyIjoiYmU5N2FjZTQ1ODYwNDg1NmE5MTVhZDJjNGQxMmZmNGYiLCJ0aSI6MTcwNzcwMzcxMDg2OSwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Response headers

date: Mon, 12 Feb 2024 02:08:30 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 854148c11e7c453a-TXL

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 172ms
170ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709841&de=9952837343&cu=1707703709841&m=1068&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=0&ag=108&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=88&pf=0&ib=1&cc=0&bw=108&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=215&cd=0&ah=215&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1140352922&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Feb 2024 02:08:30 GMT

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 40 B
462 B 140ms
47ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.251.1&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=8054&ck=0&s=c9d2d9eb61acdb82&ref=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware&hr=0&tt=b60972e0f8d8ebf0&af=err,xhr,stn,ins,spa&ap=160.177602&be=3809&fe=4069&dc=624&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1707703702964,%22n%22:0,%22f%22:0,%22dn%22:20,%22dne%22:20,%22c%22:20,%22s%22:2236,%22ce%22:2275,%22rq%22:2276,%22rp%22:3809,%22rpe%22:3819,%22di%22:4247,%22ds%22:4433,%22de%22:4433,%22dc%22:7868,%22l%22:7868,%22le%22:7878%7D,%22navigation%22:%7B%7D%7D&fp=4139&fcp=6153
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Feb 2024 02:08:31 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-etou8220056-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E0D8 13 KB
5 KB 40ms
39ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 23197
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 19:41:54 GMT
expires: Mon, 10 Feb 2025 19:41:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 08F7 829 B
1 KB 49ms
48ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cf12fe481a63122850134ee648b3034abe5447abe646567bc412b99c57886d33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DhlKMOLLDL6SUKgPdwxfPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-DhlKMOLLDL6SUKgPdwxfPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Feb 2024 02:08:31 GMT
expires: Mon, 12 Feb 2024 02:08:31 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
45ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=1109&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1100&an=2&gi=1&gf=1100&gg=2&ix=1100&ic=1100&ez=1&ck=1100&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1100&bx=2&ci=1100&jz=855&dj=1&aa=0&ad=997&cn=0&gk=997&gl=0&ik=997&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=4&ah=855&am=4&xd=00&rf=0&re=1&ft=997&fv=0&fw=997&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1387054167&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

GET
H2 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame E0D8 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 07:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67264
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 07:27:27 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 08F7 0
0 69ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402060101&jk=3897914021114408&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 86ms
85ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=1112&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1100&an=1100&gi=1&gf=1100&gg=1100&ix=1100&ic=1100&ez=1&ck=1100&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1100&bx=1100&ci=1100&jz=855&dj=1&aa=0&ad=997&cn=997&gk=997&gl=997&ik=997&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&xd=00&rf=0&re=1&ft=997&fv=997&fw=997&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=720422426&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/resources/1/ 36 B
359 B 48ms
48ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/resources/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.251.1&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=8280&ck=0&s=c9d2d9eb61acdb82&ref=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware&st=1707703702964&hr=0&fts=1707703702964&n=26&fsh=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de37f98f941bea7a86a8c99fa0ec85cee563fd44ca1d00aa0278c6ee39bafb1e

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Feb 2024 02:08:31 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-etou8220056-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=1115&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1100&an=1100&gi=1&gf=1100&gg=1100&ix=1100&ic=1100&ez=1&ck=1100&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1100&bx=1100&ci=1100&jz=855&dj=1&aa=0&ad=997&cn=997&gk=997&gl=997&ik=997&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=855&cd=855&ah=855&am=855&xd=00&rf=0&re=1&ft=997&fv=997&fw=997&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=243166236&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/events/1/ 24 B
346 B 47ms
46ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.251.1&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=8334&ck=0&s=c9d2d9eb61acdb82&ref=https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware&ptid=2ddf4161-0001-b4b9-721a-018d9b12b626&hr=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
content-type: text/plain

Response headers

date: Mon, 12 Feb 2024 02:08:31 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-etou8220056-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E0D8 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GscwmA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 02:08:31 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
45ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=1321&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1313&an=1100&gi=1&gf=1313&gg=1100&ix=1313&ic=1313&ez=1&ck=1100&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1313&bx=1100&ci=1100&jz=855&dj=1&aa=1&ad=1210&cn=997&gn=1&gk=1210&gl=997&ik=1210&co=1210&cp=1102&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1102&cd=855&ah=1102&am=855&xd=00&rf=0&re=1&ft=1210&fv=997&fw=997&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1349020596&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 123ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjksImNsaWVudFRpbWVzdGFtcCI6MTcwNzcwMzcxMS40MTEsIm5hbWUiOiJ2aWV3YWJsZTUwMSIsImNyaXRlcmlvbiI6eyJuYW1lIjoiNTAvMSIsInJhdGlvIjowLjUsInRpbWUiOjEwMDB9fV19?crc32c=1147773162
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 124ms
124ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjEwLCJjbGllbnRUaW1lc3RhbXAiOjE3MDc3MDM3MTEuNDUzLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcwNzcwMzcxMC4zOTcsInRvIjoxNzA3NzAzNzExLjQ1fV19?crc32c=3785346947
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402060101&jk=3897914021114408&bg=!YmGlYS7NAAaxkZ3akZE7ADQBe5WfOHw4a-g_zT-hk30Vq7ncHBSCIH--mR0vCakL4LH7_vs5Eiyck5gMKEOlZw0QbtEEAgAAALJSAAAACmgBB5kCwzlr7dIXDtgbvIIH0cjLwQT0DnUGEvIBMdbqqBs6EE31JULPELu5LonSMO45DCrnbYieASnUtQPtNK_uzAD3CcKKe5R9ZrttMZn3BW3rBPDMLhHr7UbM1qcYhiYo7hPsmfZW5D-9w9t235oUkNpU86GNf0yYqCHPQwNAJiCHuIuFrUjp9z-MePhtOhOh2fERCEMkVMB44gBAtLVYmLoHN1Y2l0TfdcZqydwzCEc8VqsfSUWTAJ0edhDzOknmdpZT4xS8vrqPS39SGYxAGW9_JqHk7GQyLA3D4bLrsyzb8T_J87YdEBnbayAkZ5eP7FZtkhGArWEEvDQ2Lxr8Kgt7CB6GEM-hjngfcPdY0uJ7Bdd0HD-OkCG0cEBsGayc7B7MXerfUAcfnOyn6Rkqb3i_2nHCd2sqYSyX18b7wtqoiUU7y21KYXKvEIhYYdM8CjzV6AccSAQaGf0-BdICzFtQDlNJ78DNTrHfyDPJkNxtZ_7ZJapgvYfvItkW2K8dU4x6TTC6vMW1PhTqomFUOgCnmvU5fMFXaNw4I54CPSlfwzRNZHqiXCNzQ2xp6ftAf4vGugzsIPu-thZVvdJMwmCkwfQMAR_ItLJjGPW-0dCeKslK80L4McAtlyeN-hDWncoQfkpDG6AdTc32PfL5QBQ2dQt_8zZ23qsI6pQkRf_qqV_9HFjgYpT9kha5c4wq0GgjUPS_UW-l4InV5D1a14B3tcR-lxoenSMMLZqTVNtF1gfSCpetAuhx0Q-YSTvlyXaqzSqyTXdEuOjLTAsBFYKo1xyO0v1HgF2Gp_XQlx2sdfbwB4zqf1K22NmmUQ9sCdqzMrVt37rz1VeFec5ymCYMgkSNqNVuwlaxEE9aoEmQvwoqcnGi4qUdXQi5uhRlxFe_Jcx8EgC8-tN8PXY-qjSe5p_AnSYtpa2yko4a7G-80cqR1sck
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709841&de=9952837343&cu=1707703709841&m=2102&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1162&an=108&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1162&kw=1066&aj=1&pg=88&pf=88&ib=1&cc=1&bw=1162&bx=108&ci=1162&jz=1066&dj=1&aa=0&ad=907&cn=0&gk=0&gl=0&ik=0&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1066&cd=215&ah=1066&am=215&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1768094905&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
47ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709841&de=9952837343&cu=1707703709841&m=2307&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=1368&an=1162&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1162&kw=1066&aj=1&pg=88&pf=88&ib=1&cc=1&bw=1368&bx=1162&ci=1162&jz=1066&dj=1&aa=1&ad=1113&cn=907&gk=0&gl=0&ik=0&co=1113&cp=1269&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1269&cd=1066&ah=1269&am=1066&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=435704500&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:32 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:32 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 123ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjExLCJjbGllbnRUaW1lc3RhbXAiOjE3MDc3MDM3MTIuNDcsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNzA3NzAzNzExLjQ1LCJ0byI6MTcwNzcwMzcxMi40NTR9XX0=?crc32c=3406555686
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:32 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 470ms
470ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjEyLCJjbGllbnRUaW1lc3RhbXAiOjE3MDc3MDM3MTMuNDg3LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcwNzcwMzcxMi40NTQsInRvIjoxNzA3NzAzNzEzLjQ3fV19?crc32c=3201189301
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
45ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709812&de=387386269443&cu=1707703709812&m=5141&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=5134&an=1313&gi=1&gf=5134&gg=1313&ix=5134&ic=5134&ez=1&ck=1100&kw=855&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5134&bx=1313&ci=1100&jz=855&dj=1&aa=1&ad=5031&cn=1210&gn=1&gk=5031&gl=1210&ik=5031&co=1210&cp=1102&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4935&cd=1102&ah=4935&am=1102&xd=00&rf=0&re=1&ft=4931&fv=1210&fw=997&wb=2&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=905513395&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709609&de=928658563285&cu=1707703709609&m=5354&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=0&ag=673&an=72&gf=673&gg=72&ix=673&ic=673&ez=1&aj=1&pg=100&pf=100&ib=1&cc=0&bw=673&bx=72&dj=1&aa=0&ad=563&cn=0&gk=563&gl=0&ik=563&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5131&cd=143&ah=5131&am=143&xd=00&rf=0&re=1&ft=563&fv=0&fw=563&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138424532569&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=659692492&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:35 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 123ms
123ms Image
image/gif 54.165.74.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA3NzAzNzA5eDNhZDYxNGE0MWY4ZTYyeDQ1NzA3NDYwIiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI3Njc4OTQ4NzUxMDM1MTU3IiwiaW5kZXgiOjEzLCJjbGllbnRUaW1lc3RhbXAiOjE3MDc3MDM3MTUuNTAzLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcwNzcwMzcxMy40NywidG8iOjE3MDc3MDM3MTUuNDg3fV19?crc32c=1007989424
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.165.74.141 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-165-74-141.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Mon, 12 Feb 2024 02:08:35 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 46ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709841&de=9952837343&cu=1707703709841&m=6125&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=5187&an=1368&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1162&kw=1066&aj=1&pg=88&pf=88&ib=1&cc=1&bw=5187&bx=1368&ci=1162&jz=1066&dj=1&aa=1&ad=4932&cn=1113&gk=0&gl=0&ik=0&co=1113&cp=1269&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5093&cd=1269&ah=5093&am=1269&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1925252826&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 47ms
46ms Image
image/gif 23.210.17.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MWfz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-L6aP6LDFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-mJzyVCAZgVLOGg%3D%3D&sc=1&os=1-gg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&id=1&ii=4&f=0&j=&t=1707703709841&de=9952837343&cu=1707703709841&m=6327&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5144&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&pe=1%3A4139%3A6154%3A7878%3A4247&as=1&ag=5388&an=5187&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1162&kw=1066&aj=1&pg=88&pf=88&ib=1&cc=1&bw=5388&bx=5187&ci=1162&jz=1066&dj=1&aa=1&ad=5133&cn=4932&gk=0&gl=0&ik=0&co=1113&cp=1269&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5294&cd=5093&ah=5294&am=5093&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=866954342&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.17.232 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-17-232.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Feb 2024 02:08:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Feb 2024 02:08:36 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 18:21:45	Name: __cf_bm Value: uU3tW2fFJ5wjpzf2RlOYMZjSkzJpZqIjMVu8R4xNhB4-1707703706-1-AQOZLeGu4gTZwPNYvpVen+mLSiFyAZCLVNYrU4It1dQyfbr3h3jr8JAC7jIUKjT/mPKdD0z53dilWQgJt5vguVc=
.darkreading.com/	1970-01-20 20:31:19	Name: _gcl_au Value: 1.1.2131616309.1707703708
.darkreading.com/	1970-01-21 03:57:43	Name: _ga_1X1EHQ3PFR Value: GS1.1.1707703707.1.0.1707703707.60.0.0
.darkreading.com/	1970-01-21 03:57:43	Name: _ga Value: GA1.1.562426565.1707703708
.js.ubembed.com/	1970-01-20 18:21:45	Name: __cf_bm Value: 5jlsiTQSh9._tyFMaYNRC3gAy4SehO0v6PvO_tABReg-1707703707-1-Aa6JqAdeeJOTq5KyugGZ0Nm1i/oyKnJsykRSjHELkzs1ZbfChVOxm/4Ez/DldGVm8NENjhxLYZDIG0fxM9JbszM=
.darkreading.com/	1970-01-21 03:50:31	Name: _cb Value: iVTesBbZXmjBi8pay
.darkreading.com/	1970-01-21 03:50:31	Name: _chartbeat2 Value: .1707703707812.1707703707812.1.BSt5-JnT6AXDM-6YpDcLcpjDfAB4w.1
.darkreading.com/	1970-01-20 18:21:45	Name: _cb_svref Value: external
.darkreading.com/	1970-01-20 22:40:55	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Feb+12+2024+03%3A08%3A27+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=0a10a3f6-361a-447b-b061-da51a4472500&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fmacos-targeted-by-new-backdoor-linked-to-alphv-ransomware&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
www.darkreading.com/	1970-01-20 18:23:10	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1970-01-21 03:57:43	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 03:57:43	Name: _td Value: e284ae96-7246-4b01-bf2e-3960a5f48897
.darkreading.com/	1970-01-20 18:21:45	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 03:57:43	Name: _sp_id.94c4 Value: 9f3eb95c-7738-4e32-801f-b74c28a50f14.1707703709.1.1707703709.1707703709.232b59ea-1218-4d2d-8eb5-f0058e29238f
.darkreading.com/	1970-01-21 03:07:19	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjhmMThlYmJhLWFiOWEtNWYzNC04MDk0LTVhNDJiMjhkNDI4YSIsImNyZWF0ZWQiOjE3MDc3MDM3MDg2MzMsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 18:21:45	Name: _hjSession_2610568 Value: eyJpZCI6ImI0ZmQ0OTk0LTM2NTctNDIyOC1iMzhhLTZjMzBmZDEyNWMwYSIsImMiOjE3MDc3MDM3MDg2MzUsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.in.treasuredata.com/	1970-01-21 03:57:43	Name: _td_global Value: f6e11ba1-16e0-415c-b614-f47d46d0c4a9
.doubleclick.net/	1970-01-21 03:43:19	Name: IDE Value: AHWqTUkz3xPN9cbV5xTsBYH8SbggRBLZcYosMsMjrklKIiLi1KJKNnveP9r4AH3CIAg
.darkreading.com/	1970-01-21 03:07:19	Name: sp Value: e0dc011c-db21-4a4a-acb3-5eb17fc8bf06
.darkreading.com/	1970-01-21 03:43:19	Name: __gads Value: ID=425c2cd70fcd0ef5:T=1707703709:RT=1707703709:S=ALNI_MZYRiYEv8Nkm9m296oclXOqCU72bg
.darkreading.com/	1970-01-21 03:43:19	Name: __gpi Value: UID=00000d5632b8a8f5:T=1707703709:RT=1707703709:S=ALNI_MbfPk49XXFyjMC4-hptgEWZyo23Ng
.darkreading.com/	1970-01-20 22:40:55	Name: __eoi Value: ID=8fe296b7f65506c6:T=1707703709:RT=1707703709:S=AA-AfjaZSMHh47kavsp12OKwip3f

48 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/macos-targeted-by-new-backdoor-linked-to-alphv-ransomware Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4b78c40d9e7ec76e07645f963b443400.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
ads.celtra.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.celtra.com
www.darkreading.com
www.google.com
www.google.de
www.googletagmanager.com
www3.doubleclick.net
z.moatads.com
104.18.109.47
108.138.26.47
13.32.27.21
13.32.99.89
130.162.160.243
151.101.130.137
151.101.194.137
18.196.132.224
18.245.86.23
18.66.112.15
18.66.97.49
185.221.87.23
2001:4860:4802:34::36
23.210.17.232
2600:9000:2646:3800:18:1fcd:353:c61
2606:4700:4400::6812:2595
2606:4700:4400::ac40:944b
2606:4700:4400::ac40:9b77
2606:4700::6810:3965
2606:4700::6812:6e2f
2606:4700::6812:82ec
2a00:1450:4001:802::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::200a
2a00:1450:400c:c00::9a
2a03:2880:f083:9:face:b00c:0:3
2a05:d018:94a:8a01:e18d:a0de:5092:6397
34.117.77.79
52.71.60.78
52.86.147.206
52.87.40.170
54.165.74.141
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
012c3d2cd8e098576818256dc0d320836b2c8625d959ffb45b16813d40d96c8d
02e83ab853d8de801795d261a4cedae702c547554058d28ea0f5c1460b8a034f
06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e
078654a30cc7a3286413a379ef07f990d607e667a2079877eb9d5b2b922a3314
0979491b75180cab7411a7246f28928cf7f2cd4c0651fed7817277402a91548b
09a119f0aeee6464c3fad8c8bd7118748f3cade165fb4dabc80398667f36ca12
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c
0f4dd99d8859aaa259cffb42ed92bc3963674d13bcbc5b758a11a4a1adf0bd1a
0fd09b4b1993a14b71038fde1550332486367f74b81388fe13eb63a7a382e66c
113bdd9d04f0b1380ceece879113d702ba501f4b10b7f2ace17420efd8a08de7
11efe79bc9fd298582704ecee9d88a628ac49233ec420ab2cb075dcfc647c019
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7
1b5d0fa49ed0459d8db24dd514ffbe525ea7a6730aa8dd8ea0918ce443c42305
1be5994087ef2969476db55110aad2a9d988b76c507b545f8035216aa8195c07
1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f
200c589c5db0e61dd50da9365b725beffcd9783757123cbe2df46349c64a4d09
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6
21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611
22218337c55d27a42af965c63083f57bd788527e912563296f87ac580e643f04
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
24736b6f21ba737b6e34744cdf7fecf534e90e1b03a362d882efe52bf819c525
24a141546dbb061d084a8104ffa1c77a83ac3e096aed8777feeb0362dc5ba4d7
24c98b3653a1a89489a370d23ab35375bba6bf386f5c2cf8a34f59f1ee7ab2ee
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
279d5ea2aef390011ef2f16b6acd1dbbfac1595adc42d9cd3465e10cfd5b8acc
290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31
2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6
2bc092b4388c2be9f3a8f54e9c399ee20d9d24f06267052b84a27d41ebff8fdf
2c18f8fad325a4dab47ca188d4daa8b80d72ac9b44ac1e258b3335ed42979f20
2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286
2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb
350680177cb97be491aa7dc9955ea6f2af3fa972dd23cf59a5fb5778e89f7aac
3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa
3ac828b2348f333d77874073033c6d4fbeabf1f650027b73b3cf2b13678e48de
3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d
3dc39bb678141de7f5ec57fdc91c3856e4f3319ab6e092486606d706b49147b2
41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d
42f0f9290314afb23da64b1ab586f93b454c494182f9daa0a233319b21f35de9
45e8960eacb3b322f02c13c5785d53073f45705ed7417757de14b447522add29
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b7e8ee059eee244b5e1c261dabcc366f9488865df31c4432a06f833fa6a10a
49f4e0aa523021a3784c39180d6fee5a1fa5042a2fd3584910e91d7ca44d87fc
4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
4bd71774eb01d573b4113342fe0cb2a41936397f84c3fc34c9c882e2b3b3429f
4d547112821cf01c76d49ad816ed07e735c4c315285ccd718805e2735d6ffe03
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
4f94a77eca12c33063ad16824ec84f54445c5c3f79e37e7740dc98e169b92077
52e92e164cef176a60f25df19e01650bdb4f4bf44e6530e2e020c304af5d7a59
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
566d120124317733aca62d73f35bd6ca690a6cc6a06ff1135e18e42c98aca1a1
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f
5a898dd16565bde025d7e7ac952d118f3889a4fd330744d23a0897ab1268d461
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5d7cd3269d20d14d0758b54fb4935b62e7001306bda7139500676e6e233f0b78
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910
612b970185839084c5f33d4bdba55378c11e7a1f0de82906890e4f5881fdb8cb
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
62fb6c87e8448130e66c33bbbca41904f965e19a8762cf8e56d1a806015cc76e
63122102ef6a8ca6e407331c68d8928f0742a97299c17f7c80d592101518dfed
64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1
64a5229192c1b7cd69fb0e2971a1baa024a7eb24eb7caf323b963bdd03872905
67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e
67f5aedb17e5350a4c106fd42af6a89330c5c7dabac42ef464adb851316f7a17
688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b
68a3853d20f5f6eeb4ca7b52fb3f52a85f00bbf937b5fca88a6162b055f5ce26
69512a49f7373018954eacad7f2c6c98af8a56fc43bf833f1358ef6994011975
6bb78faa89e760f69ebbe66e63b725bd3dbcdf272cb3cc47e8c33e33bccf81c1
6e7e4be2d253c50a013e3a19eddab94c09f193a2f71476571f6862a6f67babba
6ec1e9b41c1e07c6ccefb98417fe9e1512019bea5c916eb5032138afbd369a64
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d
73ccd8827cd65a18aa8d47c719e54fdeec976c0cad8076e8d719567600343171
78c0df9f74477fb4a0e7c0936d8fbf2d1b4631836f07082b0b1281e9b564a1cf
7a52059e12bd1f54e4b8110b74d275dcf1e9d61cad6895968f94dd25f24d36d9
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7c37a666f9a28b3ed03dc938372b08645b1149c362d98f2f7154d936fbd1e184
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e10ff0467971fd232785574a62c062743b10c53912d3ff1828ff78e43efc31
8517de4468d3ca320592c6a7b75fa4a1aa6ec8642362e1ad6fbd3433e4b1e0c3
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
88052ef26801ceabe4d6e64f2027e0add82874c98f91b034f2a2b543aba5007e
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
895ae6d829bc4be97b9b88f0fe5029c0b1e0a5fb6b18fca1ad3f69dd07ba202c
89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119
8a0ef9fa4aa1a1f5d4175249ba8a918e1c78df30f658801195f86cb13a2ecf28
90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
918518226de8991af6e377f647275cced476af2788acbbd5809df12179cf1e30
91c72aedaeddfc22374702316b6f9d305372fb36185ff72e2815b873956b06a6
91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83
9483f6fa2fcb32b3ba85b592f00a24ed0b35d47bcd3634ee451477812845ca5d
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4
9c5abab791942a7a119bfd91c2298b0ccfe8a7f83be1bab6bf508901969a5a9b
9d68d18e767c4226be28c09cf2b37cbe531383ce733194fffda817933320dca2
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a2a80609d491ea6698ab4f7a734006cd536d7d9fbbd8591e656b76e4c8715409
a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27
a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944
a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1
ab9ffd67fa2d6f65b772905094ee912ca6dc382ecff4e818eba409d0e4e2d5b2
ac4eaf77722ad92f3ea16cece97f4ef5aaffc85f51297ca2adf3e527894d6519
ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
af3cffdb6ce44b92694a6aa254733df3a05c47b63e9594e3731c0c79e433072b
b14a50559fa182032e50fc1c718e0cb65b4886ed59c8e24e1006d27b3c4fc953
b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b4eff229f2a1df818e9fa264b832bd19cff2cd3616b487528df023b935168c8b
b632f35ed3bd54598f87ea3e4ba17d479d00ebb056f9a197aa54621a4c2391f8
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
b9c060dcf3f4a70ccfc07feb43da6afa91e27da27c80ef292a99c2fa3752fce1
bb03f47be374b1eeced807c368c4015291dfa617c580ee1320b4c45add40d4ae
bdccea96f49f25798682bbd62fe25c4de68b20bf36519674516f8bc7842fad96
c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428
c251e6a834ae971152670ebeb7d171e329fe395593ad146bdf1cf33f970f4235
c344243061c7a89e6f9fea662e195edee5145804a41921b44e367a3fff4ae962
c387cade8af89750606fe7b05e92cfecac3c6bf4f7356707c1923d8b7049fddf
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca
c7a6a9352b1be0292d8ab50315fae4b5485a25a36ae09867375e2e703354398c
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
cbfada5d682f7235b9a0617756a8b2f0e0ae7e8c16098e3f8a4354e6b73b3499
ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06
cd500c546202be15f4b0d9a10a2096a2dcffd0f195d953bbe931ff8e45ca234f
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf12fe481a63122850134ee648b3034abe5447abe646567bc412b99c57886d33
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d42436ec5ade9d6f007e2c60ad82f43aa745903f6938d6ede9a7548f9ab77ed6
d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792
de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183
de37f98f941bea7a86a8c99fa0ec85cee563fd44ca1d00aa0278c6ee39bafb1e
dfae0d1d35b161909c177ea751a4c287e969b1b31120348bc6003b3168457435
dffef7ad0af260b60f64c45e974052e3ea34f4ebafe1145b4c8be51366978252
e0af726104097ed87e737a3b076972c5450647838230237747f6db729ab4c91d
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e117bec31655210f76ed04f03842e80e4af3e1226306943a6d05759827c46717
e12e84a21fe878c498981b984a4bcbd04651f64907c381dd6430b3069e74a207
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e997c0f427363a74662c4e086aab357b95331c2865a9235a4a05159e08cce40c
eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9
eb655c459e78c39e2b60f1f9f178cf1e1b14601626328fc29f6c35da71eb13ba
ecccefafe81a1f1b982c9bb5c4d8296908a93242c4ecea61831184484b8b1520
ed3a7f48e84247f98e9e92aa603052fba27f00e7409c971b7bf11b28348861e7
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
eedebba38c7fc993a73d4e6ba0509c93302508e01a150712fb6c4961e39b0173
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f209ff0958e0acab57c85b5bf057710777c44c57acadb53f9d063c5f15614059
f274598e02172fc31cb7b3eae2a897a9432c3fe360a49268b0672f09d6e03755
f287589f4f6b593e2d8e1713f8de0df37425f09ba7fc8d8ff856cee5d00afede
f49b0b50ae5d0adc7dadd2a82803c05e286a231810664f198ab356e8cef1b9bf
f6a1a2699f8213c5a0f49c739978c3346cd387de462fa18e442fa9c4ed73b6f7
faca980297a372fd7b1b34ce53982287f5ab1da73ff3ea7dcc8afbf7029fca6e
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fe207926e03dd9e07087abcac51ac5490aa57a7bda3b6e5fcfe4baec4953d4a4

www.darkreading.com Open in urlscan Pro 104.18.109.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

257 Requests

99 %HTTPS

55 %IPv6

26 Domains

41 Subdomains

40 IPs

7 Countries

4152 kBTransfer

11365 kBSize

22 Cookies

38 Outgoing links

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
104.18.109.47 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

99 %
HTTPS

55 %
IPv6

26
Domains

41
Subdomains

40
IPs

7
Countries

4152 kB
Transfer

11365 kB
Size

22
Cookies

257 HTTP transactions
6 data transactions