GET
H2
|
404
|
Primary Request
/
logrhythm.com/blog/deep-dive-into-plugx-malware/'/
Redirect Chain
-
https://logrhythm.com/blog/deep-dive-into-plugx-malware/'
-
https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
|
140 KB
26 KB
|
956ms
955ms
|
Document
text/html |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
|
GET
H2
|
200
|
kan0mns.css
use.typekit.net/
|
9 KB
1 KB
|
303ms
185ms
|
Stylesheet
text/css |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
H3
|
200
|
frontend.css
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/
|
79 KB
12 KB
|
45ms
37ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/widgets-css/frontend.css?ver=2.1.14
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 0b47c6f613bff41662a4af43e11dd7a291ad7a1fbb2346cbcf6260fc2895c911
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
global.css
logrhythm.com/wp-content/plugins/th-widget-pack/css/
|
2 KB
4 KB
|
106ms
98ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/css/global.css?ver=1647021724
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- eebddba8e782ebfcd323563bf510591cbe86e7299aa0ff6e7d8118775c9a0dcd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
header-footer-elementor.css
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/
|
1 KB
4 KB
|
107ms
98ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/assets/css/header-footer-elementor.css?ver=2.1.14
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b37ebd2524191bf943476446276026a92083fe5bc43571eec11855c3872bd1af
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend-legacy.min.css
logrhythm.com/wp-content/plugins/elementor/assets/css/
|
13 KB
4 KB
|
107ms
99ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 077bfe0738b737a566cf1dd70834894d972a0918667939e7261f1e5984f31ccd
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.css
logrhythm.com/wp-content/plugins/elementor/assets/css/
|
160 KB
23 KB
|
60ms
47ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/css/frontend.min.css?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b0b4118c0e1ae2a813aa461b6040e664d39ae42d5dd1e9db809e302235d2d94c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
post-6608.css
logrhythm.com/wp-content/uploads/elementor/css/
|
3 KB
4 KB
|
73ms
60ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/elementor/css/post-6608.css?ver=1659380222
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b32832c8cd8069aa1b687350c9d6ebfd62d87495973e477318f79ff08bf6bbf0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.css
logrhythm.com/wp-content/plugins/elementor-pro/assets/css/
|
469 KB
47 KB
|
75ms
57ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/css/frontend.min.css?ver=3.7.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 30db9902d015c9533560f7040717711ac830ddebe571118a875a466ef1161e04
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Identical to the Content-Security-Policy value listed for frontend.css above |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
app.css
logrhythm.com/wp-content/themes/stratusx/assets/css/
|
284 KB
51 KB
|
57ms
38ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/css/app.css?ver=1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 677292abd3264e7a749be23ac07c2529f0ac499ca9f2030aa9446533496fc9eb
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
style.css
logrhythm.com/wp-content/themes/logrhythm-child/
|
347 B
4 KB
|
113ms
83ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/style.css?ver=6.0.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- b1b33627d7bddf9d93dcf1e913bb6e53d97a99c5a7fc30f9aab824bf74707b35
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
app.min.css
logrhythm.com/wp-content/themes/logrhythm-child/dist/css/
|
331 KB
36 KB
|
114ms
84ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/css/app.min.css?v=041222
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- b0d876cb5f172352f5cbdd02800ccc8bcd13177d24d28850f8294546068c2fae
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
post-86515.css
logrhythm.com/wp-content/uploads/elementor/css/
|
9 KB
5 KB
|
218ms
189ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1659982509
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 4854070a6b6ee5f162f413d6c2e2a49d8b2066f5e396f36c9b8b74070c81c780
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
gdpr-main-nf.css
logrhythm.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/
|
77 KB
12 KB
|
123ms
94ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/gdpr-cookie-compliance/dist/styles/gdpr-main-nf.css?ver=4.8.12
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 655f5c4b438879fe7d4ab3f95519548a68abf300e32fd093f27d4624fc936177
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
jquery.min.js
logrhythm.com/wp-includes/js/jquery/
|
87 KB
35 KB
|
130ms
101ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
jquery-migrate.min.js
logrhythm.com/wp-includes/js/jquery/
|
11 KB
8 KB
|
132ms
103ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2f1bae2942.js
kit.fontawesome.com/
|
11 KB
4 KB
|
126ms
55ms
|
Script
text/javascript |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
forms2.min.js
ecrm.logrhythm.com/js/forms2/js/
|
208 KB
69 KB
|
251ms
27ms
|
Script
application/x-javascript |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://ecrm.logrhythm.com/js/forms2/js/forms2.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.2, ECDHE_ECDSA, AES_128_GCM
- Server
- 104.17.74.206, -, ASN13335 (CLOUDFLARENET, US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; |
X-Content-Type-Options |
nosniff |
|
GET
H3
|
200
|
modernizr-custom.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
5 KB
5 KB
|
131ms
104ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/modernizr-custom.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- c99f726f2a86c98e77f5f081280ff5e78252dbc6d6576828e5fde6c62a3051ed
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
logrhythm-logo-white.svg
logrhythm.com/wp-content/themes/logrhythm-child/dist/img/
|
3 KB
5 KB
|
68ms
65ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/img/logrhythm-logo-white.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 7e0b427fb8a24a526d196dd476a027463dd3a1fed8af31f53919886ef7c21fb1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
gartner-mq-logrhythm-leader-2021.svg
logrhythm.com/wp-content/uploads/2022/02/
|
1 KB
4 KB
|
68ms
65ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/gartner-mq-logrhythm-leader-2021.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 103d65d0bb1059863bacf409fb11aec0de3bc4b388b31fac43345dc68565cf06
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
email-decode.min.js
logrhythm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
|
1 KB
901 B
|
23ms
23ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
|
GET
H3
|
200
|
animations.min.css
logrhythm.com/wp-content/plugins/elementor/assets/lib/animations/
|
18 KB
6 KB
|
35ms
34ms
|
Stylesheet
text/css |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/animations/animations.min.css?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- fe513ef974b767510d0a2b9f1b4d3afa53185b89ab617c869e5e3d6db960192c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
waypoints.min.js
logrhythm.com/wp-content/plugins/elementor/assets/lib/waypoints/
|
12 KB
6 KB
|
30ms
30ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
- cloudflare /
- Resource Hash
- 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.js
logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/
|
25 KB
7 KB
|
37ms
37ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/header-footer/inc/js/frontend.js?ver=2.1.14
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- e92fb6dc00e3c04e1f9af5a1554a33e2b3f2b1d7f9a9266066863a932437f0b9
|
GET
H3
|
200
|
comment_count.js
logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/
|
889 B
4 KB
|
36ms
36ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
|
GET
H3
|
200
|
main.js
logrhythm.com/wp-content/themes/stratusx/assets/js/
|
10 KB
7 KB
|
30ms
30ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/js/main.js?ver=1.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1120606d70171f70f1c92b702798a10dedacf4e5a3efd3b7cb7a649f524b50d2
|
GET
H3
|
200
|
app.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
101 KB
39 KB
|
69ms
66ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/app.min.js?ver=1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b830faccf14d4753732c5d7c854ffb8092ecd49afc2d87b57e257021720c98b0
|
GET
H3
|
200
|
marketo-prefill.min.js
logrhythm.com/wp-content/themes/logrhythm-child/dist/js/
|
2 KB
4 KB
|
33ms
33ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/logrhythm-child/dist/js/marketo-prefill.min.js?ver=6.0.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 087736c1739310dc04c47e35f7e654cd75479dbf764da09eea77eb29b63e7030
|
GET
H3
|
200
|
themo-foot.js
logrhythm.com/wp-content/plugins/th-widget-pack/js/
|
11 KB
6 KB
|
32ms
31ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/th-widget-pack/js/themo-foot.js?ver=2.1.14
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- be557052880037a1c160050458fc687e95a193799d58686f0e2eefc8b39f4f42
|
GET
H3
|
200
|
vendor_footer.js
logrhythm.com/wp-content/themes/stratusx/assets/js/vendor/
|
117 KB
36 KB
|
33ms
33ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/themes/stratusx/assets/js/vendor/vendor_footer.js?ver=1.2
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- eaff775ad40803675c3df967fd79d70cfe3cca7b691c0c7a5e03bfdc0b2850ff
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
main.js
logrhythm.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/
|
57 KB
17 KB
|
29ms
29ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/gdpr-cookie-compliance/dist/scripts/main.js?ver=4.8.12
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- be484c9d69d3c256a119e904b92711c093e31494b18d3e6c69888dca6a0cd928
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
lottie.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/
|
247 KB
66 KB
|
192ms
190ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js?ver=5.6.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 0eceb9be92f0ec6a1b69ebafa0bdb6bd72506565259ca6c4574185e7336d0f04
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
webpack-pro.runtime.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
5 KB
6 KB
|
37ms
36ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 6f70f923b2ab16028477cab0d08b65bba7902871f49a4f6edda814da01c16449
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
webpack.runtime.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
5 KB
6 KB
|
40ms
36ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 08c70fae8c5a06e27f90b3b8bac23c07318fe3ead7cebd2a7ac2e56a7a6c00e0
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend-modules.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
32 KB
14 KB
|
42ms
37ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- dcf3add9ee30897e196931db9947cd4fa29f8b9244b49938f1590ed6fabe4002
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
regenerator-runtime.min.js
logrhythm.com/wp-includes/js/dist/vendor/
|
6 KB
6 KB
|
59ms
55ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- f30769ea0b80a5d900c5f0de30b1aad1ab461195e69223d5ef63c2c5de8b6c1a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
wp-polyfill.min.js
logrhythm.com/wp-includes/js/dist/vendor/
|
19 KB
10 KB
|
54ms
51ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 6fecb89a29ee2bd397bb1bf58ecaa530a76f0654db71fadefd3cc70b0bc302bf
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
hooks.min.js
logrhythm.com/wp-includes/js/dist/
|
5 KB
5 KB
|
38ms
35ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/hooks.min.js?ver=c6d64f2cb8f5c6bb49caca37f8828ce3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 9bd82960d99b3a76f4af77a88a346bd61f87bac5ff2f385ee28cd669d8f22134
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
i18n.min.js
logrhythm.com/wp-includes/js/dist/
|
10 KB
7 KB
|
51ms
48ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/dist/i18n.min.js?ver=ebee46757c6a411e38fd079a7ac71d94
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1dc4b29dd0acbed77ec2fd81036c33efd4ab5989e8182705a30615a00a0117f7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
frontend.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
21 KB
9 KB
|
61ms
58ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 6cc88f6ecc4a347b5cede85aca7e298a306aad67dfd4d80a59e66d254f513ba8
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
core.min.js
logrhythm.com/wp-includes/js/jquery/ui/
|
20 KB
10 KB
|
63ms
59ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
swiper.min.js
logrhythm.com/wp-content/plugins/elementor/assets/lib/swiper/
|
136 KB
39 KB
|
64ms
61ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/swiper/swiper.min.js?ver=5.3.6
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b23f49f504faa32aac548b6662ffd64412f6738496fab8be38da46c5b7121804
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
share-link.min.js
logrhythm.com/wp-content/plugins/elementor/assets/lib/share-link/
|
3 KB
4 KB
|
67ms
63ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/share-link/share-link.min.js?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 4a7ee62eb33f3bbb66c2151e5cac6bf4904e28302efc36128f3e3ccae6fde580
- Security Headers
-
Name |
Value |
Content-Security-Policy |
(same value as the Content-Security-Policy shown in full above) |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
dialog.min.js
logrhythm.com/wp-content/plugins/elementor/assets/lib/dialog/
|
10 KB
7 KB
|
59ms
55ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/lib/dialog/dialog.min.js?ver=4.9.0
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b936db5880aa9b6b2f26a8d32fc2b689fb75f69d971b94194f16dba801221ffe
|
GET
H3
|
200
|
frontend.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
40 KB
16 KB
|
55ms
52ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 37209a2b751204dc01191986b6ef47f27463285de8a341729c514d70a19a90fe
|
GET
H3
|
200
|
preloaded-elements-handlers.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/js/
|
131 KB
35 KB
|
41ms
38ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/js/preloaded-elements-handlers.min.js?ver=3.7.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- e248cb2d34cb478ad0bb8b2801665869a6966195555f0c429821f55f72e46399
|
GET
H3
|
200
|
preloaded-modules.min.js
logrhythm.com/wp-content/plugins/elementor/assets/js/
|
42 KB
16 KB
|
46ms
43ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor/assets/js/preloaded-modules.min.js?ver=3.6.8
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 7eff8a4d2f5a29458fcd0011369e968d11034606827eba00149982d1a3b67c60
|
GET
H3
|
200
|
jquery.sticky.min.js
logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/sticky/
|
4 KB
5 KB
|
67ms
64ms
|
Script
application/javascript |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.3
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- aec33c581d5e02e4431f1afc6396a33f1637ad979a3412a2ecc237932af3c8a0
|
GET
H3
|
200
|
LogRhythm_TM_Logo_ForLightBackgrounds_RGB-1.svg
logrhythm.com/wp-content/uploads/2022/02/
|
3 KB
5 KB
|
55ms
52ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/LogRhythm_TM_Logo_ForLightBackgrounds_RGB-1.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 7baa8418eba4ee1e100cbea28c14678226d047e0f5563976f5a92c8a0aaac45f
|
GET
H2
|
200
|
p.css
p.typekit.net/
|
5 B
195 B
|
314ms
27ms
|
Stylesheet
text/css |
2a02:26f0:11a::6867:4848
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/74b049/00000000000000007735b97f/30/
|
12 KB
12 KB
|
108ms
26ms
|
Font
application/font-woff2 |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
90 B
0
|
|
Image
image/webp |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
44 B
0
|
|
Image
image/webp |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
38 B
0
|
|
Image
image/webp |
|
|
|
GET
H2
|
200
|
gtm.js
www.googletagmanager.com/
|
276 KB
84 KB
|
104ms
40ms
|
Script
application/javascript |
2a00:1450:4001:800::2008
GOOGLE
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/dde969/00000000000000007735b995/30/
|
12 KB
12 KB
|
105ms
35ms
|
Font
application/font-woff2 |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/34c58e/00000000000000007735b983/30/
|
12 KB
12 KB
|
94ms
28ms
|
Font
application/font-woff2 |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
82 B
0
|
|
Image
image/webp |
|
|
|
GET
H/1.1
|
200
OK
|
count.js
logrhythm-com.disqus.com/
|
1 KB
2 KB
|
99ms
21ms
|
Script
application/javascript |
199.232.192.134
FASTLY
|
|
General
- Full URL
- https://logrhythm-com.disqus.com/count.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
- Protocol
- HTTP/1.1
- Security
- TLS 1.3,
, AES_128_GCM
- Server
- 199.232.192.134, United States, ASN54113 (FASTLY, US)
- Reverse DNS
- Software
-
nginx /
- Resource Hash
- 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=300; includeSubdomains |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
space-stars-background-1920.jpg
logrhythm.com/wp-content/uploads/2021/07/
|
237 KB
240 KB
|
217ms
207ms
|
Image
image/jpeg |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/07/space-stars-background-1920.jpg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1659982509
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 3e292f4b6d81003d9d2ac3ceb89881936a670f8f595f7dd65d2517e01864c108
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
background-flatirons-violet-01-1.png
logrhythm.com/wp-content/uploads/2022/02/
|
1 KB
5 KB
|
42ms
29ms
|
Image
image/webp |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/background-flatirons-violet-01-1.png
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/uploads/elementor/css/post-86515.css?ver=1659982509
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 67614828cf3f7a0f61ee5dc0f9a6212d44c8f98e8a9da03327d13beaf3a61fc1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
l
use.typekit.net/af/c2b6e5/00000000000000007735afee/30/
|
11 KB
11 KB
|
78ms
47ms
|
Font
application/font-woff2 |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
l
use.typekit.net/af/1fe1ce/00000000000000007735aff6/30/
|
12 KB
12 KB
|
60ms
30ms
|
Font
application/font-woff2 |
2a02:26f0:11a::6867:4851
AKAMAI-ASN1
|
|
|
GET
H3
|
200
|
bass-pro-shops.svg
logrhythm.com/wp-content/uploads/2020/02/
|
62 KB
22 KB
|
40ms
39ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/bass-pro-shops.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ae9ef3d0d05c9e229ebbd7009ded09f341b455526437ead0356f1761d4a2e0d5
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
fujitsu.svg
logrhythm.com/wp-content/uploads/2020/02/
|
2 KB
4 KB
|
100ms
84ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/fujitsu.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b11816c7455483f37b1d6881ea8dc890038af645a0877c5e5147f11dcbc4c356
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
nasa.svg
logrhythm.com/wp-content/uploads/2020/02/
|
14 KB
7 KB
|
104ms
88ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/nasa.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 10599ffc37dd3ff57db5d5a984854c3beecfdbd271e8fa1d7321127e84d93edb
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
sirius-xm.svg
logrhythm.com/wp-content/uploads/2020/02/
|
7 KB
6 KB
|
86ms
71ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/sirius-xm.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
- 141.193.213.21, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ec7839f109ee0d8025aa46fc9165cfc9ac1e52674c0fc00a675210481c6e90db
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
ucla.svg
logrhythm.com/wp-content/uploads/2020/02/
|
6 KB
5 KB
|
88ms
72ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/02/ucla.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- ac8941daec8b1c75b6345ab83858bfc13d9c485d4aacdea52ecf759c34c92f6a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
nasdaq-logo.svg
logrhythm.com/wp-content/uploads/2020/07/
|
7 KB
6 KB
|
93ms
77ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2020/07/nasdaq-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- aefb9fe37c3f3c194d228b5eb8381d3a5aee56552a9f847866f887e6b3ecc9ac
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
smuckers-logo-compressed.svg
logrhythm.com/wp-content/uploads/2021/05/
|
263 KB
201 KB
|
98ms
83ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/05/smuckers-logo-compressed.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- e519fd79175fd08a94f8ef947f61466edb6351bd2d5fae6a6ff23deaa244fa90
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
temple-university-logo-compressed.svg
logrhythm.com/wp-content/uploads/2021/05/
|
4 KB
5 KB
|
75ms
59ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/05/temple-university-logo-compressed.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- fe04371e99bc3a1cd9669a16fc95bdff81ded468cd7e14dad38669817130c27b
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
bakertilly-logo.svg
logrhythm.com/wp-content/uploads/2021/08/
|
5 KB
6 KB
|
76ms
61ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/08/bakertilly-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 726cdb991294913fa2541fe5fa763a8725c3cb3f5c878b56da38559fbfb9bc92
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
chart-industries-logo.svg
logrhythm.com/wp-content/uploads/2021/08/
|
7 KB
6 KB
|
91ms
76ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/08/chart-industries-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 84e51490bf098d4ab164444efab69b0019350238365b18ce3328701837d258f1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
us-air-force.svg
logrhythm.com/wp-content/uploads/2022/02/
|
5 KB
5 KB
|
90ms
75ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/us-air-force.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 842b5d6ed9e5e4ac166eb55615b55da7366a235b19af87375f70c74afabd769a
- Security Headers
-
Name |
Value |
Content-Security-Policy |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
cdon-logo.svg
logrhythm.com/wp-content/uploads/2022/02/
|
2 KB
4 KB
|
86ms
71ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/cdon-logo.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 2df44dc69064c7fa71246e486d2a28877def46caa33ada1a981a8abd7686d072
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
LR_ui_dashboard_monitor1-1-1-768x768.png
logrhythm.com/wp-content/uploads/2022/02/
|
69 KB
72 KB
|
226ms
211ms
|
Image
image/png |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/LR_ui_dashboard_monitor1-1-1-768x768.png
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- cd874c001001901ec61d339ec2eb89129d7831abaebddbe5f91d6b3c65d53e43
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H3
|
200
|
gartner-logo-white-h.svg
logrhythm.com/wp-content/uploads/2022/02/
|
2 KB
4 KB
|
91ms
76ms
|
Image
image/svg+xml |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2022/02/gartner-logo-white-h.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 1b660775ea2b75ea3eeaf076945c4f1a4d9e54bd888a6ad11e3f988106f94ff1
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
medal.svg
images.g2crowd.com/uploads/report_medal/image/1003081/
|
7 KB
3 KB
|
134ms
31ms
|
Image
image/svg+xml |
2606:4700:4400::6812:2437
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
users-love-us-2008b519df49af90dcfa7db4b5fe13c8ec24ced0348f0a6bd039711ad8bbffc7.svg
my.g2.com/assets/product-badges/
|
4 KB
2 KB
|
137ms
34ms
|
Image
image/svg+xml |
2606:4700::6812:6894
CLOUDFLARENET
|
|
General
- Full URL
- https://my.g2.com/assets/product-badges/users-love-us-2008b519df49af90dcfa7db4b5fe13c8ec24ced0348f0a6bd039711ad8bbffc7.svg
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:6894
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 2008b519df49af90dcfa7db4b5fe13c8ec24ced0348f0a6bd039711ad8bbffc7
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.g2crowd.com *.g2.com; connect-src *; font-src * data:; form-action *; frame-src *; img-src * data:; manifest-src 'self' *.g2crowd.com *.g2.com; media-src * blob:; object-src 'self' *.g2crowd.com *.g2.com; script-src * 'unsafe-inline' 'unsafe-eval'; style-src * 'unsafe-inline'; worker-src * blob: |
Strict-Transport-Security |
max-age=15552000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
pro.min.css
ka-p.fontawesome.com/releases/v6.1.2/css/
|
682 KB
116 KB
|
52ms
50ms
|
Fetch
text/css |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v4-shims.min.css
ka-p.fontawesome.com/releases/v6.1.2/css/
|
27 KB
4 KB
|
49ms
48ms
|
Fetch
text/css |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v5-font-face.min.css
ka-p.fontawesome.com/releases/v6.1.2/css/
|
65 KB
10 KB
|
51ms
50ms
|
Fetch
text/css |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-v4-font-face.min.css
ka-p.fontawesome.com/releases/v6.1.2/css/
|
11 KB
2 KB
|
50ms
49ms
|
Fetch
text/css |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
kit-upload.css
kit.fontawesome.com/2f1bae2942/121886770/
|
451 B
394 B
|
50ms
49ms
|
Fetch
text/css |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
js
www.googletagmanager.com/gtag/
|
205 KB
72 KB
|
74ms
32ms
|
Script
application/javascript |
2a00:1450:4001:800::2008
GOOGLE
|
|
|
GET
H/1.1
|
200
OK
|
munchkin.js
munchkin.marketo.net/
|
1 KB
1 KB
|
97ms
22ms
|
Script
application/x-javascript |
23.205.237.4
AKAMAI-AS
|
|
|
GET
H2
|
200
|
conversion_async.js
www.googleadservices.com/pagead/
|
41 KB
16 KB
|
77ms
31ms
|
Script
text/javascript |
142.250.185.98
GOOGLE
|
|
|
GET
H2
|
200
|
insight.min.js
snap.licdn.com/li.lms-analytics/
|
8 KB
3 KB
|
141ms
29ms
|
Script
application/x-javascript |
2a02:26f0:11a::6867:4868
AKAMAI-ASN1
|
|
|
GET
H2
|
200
|
uwt.js
static.ads-twitter.com/
|
56 KB
15 KB
|
646ms
25ms
|
Script
application/javascript |
199.232.16.157
FASTLY
|
|
|
GET
H2
|
200
|
fbevents.js
connect.facebook.net/en_US/
|
100 KB
27 KB
|
92ms
26ms
|
Script
application/x-javascript |
2a03:2880:f007:8:face:b00c:0:1
FACEBOOK
|
|
General
- Full URL
- https://connect.facebook.net/en_US/fbevents.js
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a03:2880:f007:8:face:b00c:0:1
Vienna, Austria,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 9d98a94c67e6e29d48d55ba2f6b415d0646af7f7313b539697eb53b34ab78c4c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; |
Strict-Transport-Security |
max-age=31536000; preload; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
arrive.min.js
cdnjs.cloudflare.com/ajax/libs/arrive/2.4.1/
|
5 KB
2 KB
|
79ms
26ms
|
Script
application/javascript |
2606:4700::6811:190e
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
jukebox.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
51 KB
17 KB
|
628ms
18ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
analytics.js
www.google-analytics.com/
|
49 KB
20 KB
|
57ms
15ms
|
Script
text/javascript |
2a00:1450:4001:800::200e
GOOGLE
|
|
General
- Full URL
- https://www.google-analytics.com/analytics.js
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N3MMPPN
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:800::200e
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=10886400; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
pro-fa-duotone-900-d5bbe9.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
32 KB
32 KB
|
75ms
68ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-brands-400-f6b769.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
18 KB
18 KB
|
40ms
33ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-brands-400-56ba33.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
44 KB
44 KB
|
37ms
31ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-regular-400-16f2f9.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
24 KB
24 KB
|
57ms
52ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-duotone-900-e41116.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
26 KB
26 KB
|
74ms
70ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-aa90b0.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
24 KB
24 KB
|
77ms
72ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-regular-400-c238fb.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
26 KB
26 KB
|
76ms
72ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
kit-upload.woff2
kit.fontawesome.com/2f1bae2942/121886770/
|
1 KB
1 KB
|
470ms
465ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-c238fb.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
22 KB
22 KB
|
66ms
66ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-792d0c.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
25 KB
25 KB
|
67ms
66ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-25ee0f.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
24 KB
25 KB
|
77ms
76ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-910f33.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
25 KB
25 KB
|
84ms
83ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-solid-900-b1cb49.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
25 KB
25 KB
|
80ms
80ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H2
|
200
|
pro-fa-brands-400-bbafe9.woff2
ka-p.fontawesome.com/releases/v6.1.2/webfonts/
|
42 KB
42 KB
|
44ms
44ms
|
Font
font/woff2 |
2606:4700::6812:1734
CLOUDFLARENET
|
|
|
GET
H3
|
200
|
destination
www.googletagmanager.com/gtag/
|
205 KB
72 KB
|
41ms
38ms
|
Script
application/javascript |
2a00:1450:4001:800::2008
GOOGLE
|
|
|
GET
H2
|
200
|
getForm
ecrm.logrhythm.com/index.php/form/
|
6 KB
2 KB
|
78ms
77ms
|
Script
application/javascript |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://ecrm.logrhythm.com/index.php/form/getForm?munchkinId=050-UWT-888&form=1920&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&callback=jQuery112404639057849414301_1661737352105&_=1661737352106
- Requested by
- Host: ecrm.logrhythm.com
URL: https://ecrm.logrhythm.com/js/forms2/js/forms2.min.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_ECDSA, AES_128_GCM
- Server
-
104.17.74.206
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- de9e17bb4d674eaf74d636068c001bd3902f09e2631a5b03f4b9560e187c5867
|
GET
H3
|
200
|
29522-space-tour.json
logrhythm.com/wp-content/uploads/2021/07/
|
842 KB
444 KB
|
472ms
472ms
|
XHR
application/json |
141.193.213.21
CLOUDFLARESPECTRU...
|
|
General
- Full URL
- https://logrhythm.com/wp-content/uploads/2021/07/29522-space-tour.json
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/wp-content/plugins/elementor-pro/assets/lib/lottie/lottie.min.js?ver=5.6.6
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
141.193.213.21
, United States,
ASN209242
(CLOUDFLARESPECTRUM Cloudflare, Inc., US),
- Reverse DNS
- Software
-
cloudflare /
WP Engine
- Resource Hash
- 5757a4c7172efe71ca15fab282fc65180c699d488593e87ac4ab7a14394f5492
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' https://logrhythm.com https://disqus.com https://c.disquscdn.com; connect-src 'self' https://logrhythm.com https://bat.bing.com https://*.logrhythm.com https://maps.googleapis.com https://*.fontawesome.com https://*.clarity.ms wss://nexus-websocket-a.intercom.io https://use.typekit.net https://050-uwt-888.mktoutil.com https://*.addthisedge.com https://ampcid.google.com https://www.googletagmanager.com https://*.ampproject.org https://*.addthis.com https://*.ampproject.net https://connect.facebook.net https://yoast.com https://*.facebook.com https://*.hotjar.io wss://*.hotjar.com https://*.hotjar.com https://stats.g.doubleclick.net https://*.yoast.com https://d3hb14vkzrxvla.cloudfront.net https://www.g2.com https://jukebox.pathfactory.com https://www.google-analytics.com https://api-iam.intercom.io https://050-uwt-888.mktoresp.com; font-src 'self' data: https://js.intercomcdn.com https://*.logrhythm.com https://*.hotjar.com https://*.typekit.net https://*.sharepointonline.com https://spoprod-a.akamaihd.net https://fonts.gstatic.com https://*.fontawesome.com https://maxcdn.bootstrapcdn.com https://cdn.pathfactory.com https://app.cdn.lookbookhq.com; img-src https: data: blob: ; media-src 'self' blob: https://*.logrhythm.com https://*.intercomcdn.com; object-src 'none'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://*.logrhythm.com https://logrhythm.widget.insent.ai https://yoast.com https://*.clarity.ms https://j.6sc.co https://cdn.jsdelivr.net https://cdn-app.pathfactory.com https://*.bizzabo.com https://unpkg.com/web-vitals https://www.g2.com https://*.facebook.com https://cdn.syndication.twimg.com https://www.gartner.com https://www.google.com https://www.googleoptimize.com https://*.googleapis.com https://tpc.googlesyndication.com https://optimize.google.com https://www.youtube.com https://ssl.google-analytics.com https://www.googletagmanager.com https://www.google-analytics.com https://cdn.ampproject.org 
https://www.googleadservices.com https://www.gstatic.com https://*.intercom.io https://js.intercomcdn.com https://*.typeform.com js-agent.newrelic.com https://bam.nr-data.net https://beacon-v2.helpscout.net https://boards.greenhouse.io https://kit.fontawesome.com https://bat.bing.com https://munchkin.marketo.net https://snap.licdn.com https://static.ads-twitter.com https://*.twitter.com https://*.hotjar.com https://app.leadsrx.com https://secure.leadforensics.com https://connect.facebook.net https://googleads.g.doubleclick.net https://logrhythm-com.disqus.com https://app.cdn.lookbookhq.com https://jukebox.pathfactory.com https://app-abc.marketo.com https://www.brighttalk.com https://cdnjs.cloudflare.com; style-src 'self' 'unsafe-inline' https://*.logrhythm.com https://cdn.jsdelivr.net https://*.fontawesome.com https://yoast.com https://rgsharedweb.s3.amazonaws.com https://www.googletagmanager.com/debug/ https://ka-p.fontawesome.com https://*.bizzabo.com https://platform.twitter.com https://*.twimg.com https://*.typekit.net https://*.disquscdn.com https://www.gartner.com https://*.googleapis.com https://optimize.google.com https://tagmanager.google.com https://maxcdn.bootstrapcdn.com https://app.cdn.lookbookhq.com; frame-src 'self' https://logrhythm.widget.insent.ai https://logrhythm.com https://*.logrhythm.com https://*.bizzabo.com https://forms.office.com https://www.facebook.com https://*.elementor.com https://www.itcentralstation.com https://optimize.google.com https://www.google.com https://tpc.googlesyndication.com https://*.twitter.com https://*.addthis.com https://*.ampproject.net https://www.slideshare.net https://*.hotjar.com https://maps.google.com https://www.gartner.com https://tags.bluekai.com https://www.g2.com https://www.youtube-nocookie.com https://googleads.g.doubleclick.net https://boards.greenhouse.io https://disqus.com https://tempest.services.disqus.com https://www.youtube.com https://bid.g.doubleclick.net https://www.brighttalk.com 
https://*.fls.doubleclick.net; prefetch-src 'self' https://disqus.com https://*.disquscdn.com; frame-ancestors 'self' explore.logrhythm.com https://www.g2.com https://*.getbambu.com https://*.logrhythm.com; |
Strict-Transport-Security |
max-age=63072000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H/1.1
|
200
OK
|
munchkin.js
munchkin.marketo.net/161/
|
11 KB
5 KB
|
23ms
23ms
|
Script
application/x-javascript |
23.205.237.4
AKAMAI-AS
|
|
|
GET
H2
|
200
|
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/1070386004/
|
2 KB
2 KB
|
407ms
29ms
|
Script
text/javascript |
2a00:1450:4001:801::2002
GOOGLE
|
|
General
- Full URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1070386004/?random=1661737352573&cv=9&fst=1661737352573&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&auid=1552658247.1661737352&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
- Requested by
- Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:801::2002
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- 4fdc2acefb5bc955f48b88369fe1252fb218ad9089fb62154a3a24909d309168
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/952414179/
|
2 KB
1 KB
|
408ms
30ms
|
Script
text/javascript |
2a00:1450:4001:801::2002
GOOGLE
|
|
General
- Full URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/952414179/?random=1661737352575&cv=9&fst=1661737352575&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&auid=1552658247.1661737352&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
- Requested by
- Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:801::2002
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- 751ccb5dc07c1ab3bb8fba83c6dec15d0933eb79d544227fe2050fd1bc06e63e
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/903108792/
|
2 KB
1 KB
|
412ms
34ms
|
Script
text/javascript |
2a00:1450:4001:801::2002
GOOGLE
|
|
General
- Full URL
- https://googleads.g.doubleclick.net/pagead/viewthroughconversion/903108792/?random=1661737352576&cv=9&fst=1661737352576&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&auid=1552658247.1661737352&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
- Requested by
- Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:801::2002
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- 9ed299d77c5a30fd7f40afddae4be423b59aec344e2b53fa23e12d228f5758d8
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H3
|
200
|
232919347190734
connect.facebook.net/signals/config/
|
293 KB
84 KB
|
115ms
85ms
|
Script
application/x-javascript |
2a03:2880:f007:8:face:b00c:0:1
FACEBOOK
|
|
General
- Full URL
- https://connect.facebook.net/signals/config/232919347190734?v=2.9.78&r=stable
- Requested by
- Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
2a03:2880:f007:8:face:b00c:0:1
Vienna, Austria,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 73d86f25caf9ce9d56f668450831b0e6fed18517114d802727629a713db95a51
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; |
Strict-Transport-Security |
max-age=31536000; preload; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
DENY |
X-Xss-Protection |
0 |
|
POST
H2
|
200
|
collect
stats.g.doubleclick.net/j/
|
4 B
441 B
|
391ms
27ms
|
XHR
text/plain |
2a00:1450:400c:c09::9b
GOOGLE
|
|
General
- Full URL
- https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3420049-1&cid=471849105.1661737353&jid=1759892032&gjid=960651121&_gid=629646344.1661737353&_u=YGBAgUABAAAAAE~&z=537443299
- Requested by
- Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:400c:c09::9b
Brussels, Belgium,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=10886400; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H3
|
200
|
collect
www.google-analytics.com/
|
35 B
55 B
|
47ms
15ms
|
Image
image/gif |
2a00:1450:4001:800::200e
GOOGLE
|
|
General
- Full URL
- https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1765339552&t=pageview&_s=1&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20LogRhythm&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUAB~&jid=1759892032&gjid=960651121&cid=471849105.1661737353&tid=UA-3420049-1&_gid=629646344.1661737353&gtm=2wg8o0N3MMPPN&z=1419308597
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
2a00:1450:4001:800::200e
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
collect
px4.ads.linkedin.com/
Redirect Chain
-
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74706&time=1661737352592&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
-
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D74706%26time%3D1661737352592%26url%3Dhttps%253A%252F%252Flogrhythm.com%252Fblog%2...
-
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=74706&time=1661737352592&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&liSync=true
-
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74706&time=1661737352592&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&liSync=true&e_ipv6=AQIEnF2hqJVqawAAAYLnQ8...
|
0
265 B
|
319ms
192ms
|
Image
application/javascript |
13.107.42.14
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=74706&time=1661737352592&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&liSync=true&e_ipv6=AQIEnF2hqJVqawAAAYLnQ8DpS5OXioby5oQt4H3y6O-XUJTQm0LZk3R-6qXc67P9givQtXBv1A-Ndf1J7Mx-TsuXUXNEIQ
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Server
-
13.107.42.14
, United States,
ASN8068
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
POST
H2
|
204
|
collect
region1.google-analytics.com/g/
|
0
346 B
|
364ms
22ms
|
Ping
text/plain |
2001:4860:4802:34::36
GOOGLE
|
|
General
- Full URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-1FE13FG8WE&gtm=2oe8o0&_p=1765339552&cid=471849105.1661737353&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661737352&sct=1&seg=0&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&dt=Page%20not%20found%20-%20LogRhythm&en=page_view&_fv=1&_ss=1
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FE13FG8WE&l=dataLayer&cx=c
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2001:4860:4802:34::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
H2
|
200
|
forms2.css
ecrm.logrhythm.com/js/forms2/css/
|
13 KB
3 KB
|
25ms
24ms
|
Stylesheet
text/css |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://ecrm.logrhythm.com/js/forms2/css/forms2.css
- Requested by
- Host: ecrm.logrhythm.com
URL: https://ecrm.logrhythm.com/js/forms2/js/forms2.min.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_ECDSA, AES_128_GCM
- Server
-
104.17.74.206
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
forms2-theme-simple.css
ecrm.logrhythm.com/js/forms2/css/
|
826 B
328 B
|
25ms
25ms
|
Stylesheet
text/css |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://ecrm.logrhythm.com/js/forms2/css/forms2-theme-simple.css
- Requested by
- Host: ecrm.logrhythm.com
URL: https://ecrm.logrhythm.com/js/forms2/js/forms2.min.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_ECDSA, AES_128_GCM
- Server
-
104.17.74.206
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- 14c8c62dc692fd8faa04434e3fed25e7c23d596b732f9db88f6e9f9ff5dfa61c
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
XDFrame
ecrm.logrhythm.com/index.php/form/
Frame 7E4A
|
2 KB
890 B
|
123ms
120ms
|
Document
text/html |
104.17.74.206
CLOUDFLARENET
|
|
|
POST
H/1.1
|
200
OK
|
visitWebPage
050-uwt-888.mktoresp.com/webevents/
|
2 B
318 B
|
622ms
103ms
|
Ping
text/plain |
192.28.144.124
OMNITURE
|
|
General
- Full URL
- https://050-uwt-888.mktoresp.com/webevents/visitWebPage?_mchNc=1661737352953&_mchCn=&_mchId=050-UWT-888&_mchTk=_mch-logrhythm.com-1661737352953-91197&_mchHo=logrhythm.com&_mchPo=&_mchRu=%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&_mchPc=https%3A&_mchVr=161&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
- Requested by
- Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/161/munchkin.js
- Protocol
- HTTP/1.1
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
192.28.144.124
, United States,
ASN15224
(OMNITURE, US),
- Reverse DNS
- Software
-
nginx/1.20.1 /
- Resource Hash
- 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
|
GET
H2
|
200
|
/
www.facebook.com/tr/
|
44 B
410 B
|
49ms
16ms
|
Image
image/gif |
2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK
|
|
General
- Full URL
- https://www.facebook.com/tr/?id=232919347190734&ev=PageView&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&rl=&if=false&ts=1661737352978&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=29&fbp=fb.1.1661737352973.844603352&it=1661737352582&coo=false&rqm=GET
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a03:2880:f11c:8183:face:b00c:0:25de
Frankfurt am Main, Germany,
ASN32934
(FACEBOOK, US),
- Reverse DNS
- Software
-
proxygen-bolt /
- Resource Hash
- 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
|
GET
H2
|
200
|
677.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
7 KB
3 KB
|
15ms
15ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
ga-audiences
www.google.com/ads/
|
42 B
501 B
|
68ms
27ms
|
Image
image/gif |
2a00:1450:4001:80b::2004
GOOGLE
|
|
General
- Full URL
- https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3420049-1&cid=471849105.1661737353&jid=1759892032&_u=YGBAgUABAAAAAE~&z=1873810157
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80b::2004
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
ga-audiences
www.google.de/ads/
|
42 B
107 B
|
69ms
28ms
|
Image
image/gif |
2a00:1450:4001:80f::2003
GOOGLE
|
|
General
- Full URL
- https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3420049-1&cid=471849105.1661737353&jid=1759892032&_u=YGBAgUABAAAAAE~&z=1873810157
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80f::2003
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.com/pagead/1p-user-list/1070386004/
|
42 B
108 B
|
70ms
30ms
|
Image
image/gif |
2a00:1450:4001:80b::2004
GOOGLE
|
|
General
- Full URL
- https://www.google.com/pagead/1p-user-list/1070386004/?random=1661737352573&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=3493452043&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80b::2004
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.de/pagead/1p-user-list/1070386004/
|
42 B
548 B
|
66ms
26ms
|
Image
image/gif |
2a00:1450:4001:80f::2003
GOOGLE
|
|
General
- Full URL
- https://www.google.de/pagead/1p-user-list/1070386004/?random=1661737352573&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=3493452043&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80f::2003
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.com/pagead/1p-user-list/952414179/
|
42 B
154 B
|
67ms
28ms
|
Image
image/gif |
2a00:1450:4001:80b::2004
GOOGLE
|
|
General
- Full URL
- https://www.google.com/pagead/1p-user-list/952414179/?random=1661737352575&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=2904912723&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80b::2004
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.de/pagead/1p-user-list/952414179/
|
42 B
108 B
|
68ms
29ms
|
Image
image/gif |
2a00:1450:4001:80f::2003
GOOGLE
|
|
General
- Full URL
- https://www.google.de/pagead/1p-user-list/952414179/?random=1661737352575&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=2904912723&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80f::2003
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.com/pagead/1p-user-list/903108792/
|
42 B
108 B
|
69ms
30ms
|
Image
image/gif |
2a00:1450:4001:80b::2004
GOOGLE
|
|
General
- Full URL
- https://www.google.com/pagead/1p-user-list/903108792/?random=1661737352576&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=1566369540&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80b::2004
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
/
www.google.de/pagead/1p-user-list/903108792/
|
42 B
108 B
|
29ms
29ms
|
Image
image/gif |
2a00:1450:4001:80f::2003
GOOGLE
|
|
General
- Full URL
- https://www.google.de/pagead/1p-user-list/903108792/?random=1661737352576&cv=9&fst=1661734800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8o0&sendb=1&frm=0&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tiba=Page%20not%20found%20-%20LogRhythm&async=1&fmt=3&is_vtc=1&random=1566369540&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:80f::2003
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
cafe /
- Resource Hash
- ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
- Security Headers
-
Name |
Value |
Content-Security-Policy |
script-src 'none'; object-src 'none' |
X-Content-Type-Options |
nosniff |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
adsct
t.co/i/
|
43 B
336 B
|
168ms
121ms
|
Image
image/gif |
104.244.42.69
TWITTER
|
|
General
- Full URL
- https://t.co/i/adsct?bci=3&eci=2&event_id=29ee7d24-aa88-4cc7-a89a-28180fb7dfec&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=753b6094-8cbb-4c9e-98d2-5e7a3c60db7e&tw_document_href=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw4xr&type=javascript&version=2.3.26
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
104.244.42.69
, United States,
ASN13414
(TWITTER, US),
- Reverse DNS
- Software
-
tsa_o /
- Resource Hash
- ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=0 |
|
GET
H2
|
200
|
adsct
analytics.twitter.com/i/
|
43 B
354 B
|
449ms
118ms
|
Image
image/gif |
104.244.42.67
TWITTER
|
|
General
- Full URL
- https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=29ee7d24-aa88-4cc7-a89a-28180fb7dfec&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=753b6094-8cbb-4c9e-98d2-5e7a3c60db7e&tw_document_href=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nw4xr&type=javascript&version=2.3.26
- Requested by
- Host: logrhythm.com
URL: https://logrhythm.com/blog/deep-dive-into-plugx-malware/'/
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
104.244.42.67
, United States,
ASN13414
(TWITTER, US),
- Reverse DNS
- Software
-
tsa_o /
- Resource Hash
- ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=631138519 |
|
OPTIONS
H2
|
200
|
init
jukebox.pathfactory.com/api/public/v1/
Frame
|
0
0
|
358ms
109ms
|
Preflight
|
54.82.195.36
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-72E778C0-10607&image=&title=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
54.82.195.36
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-54-82-195-36.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
GET
H2
|
200
|
447.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
455 B
818 B
|
16ms
15ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
init
jukebox.pathfactory.com/api/public/v1/
|
11 KB
4 KB
|
475ms
263ms
|
XHR
application/json |
54.82.195.36
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/init?clientId=LB-72E778C0-10607&image=&title=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
54.82.195.36
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-54-82-195-36.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- 3fde201925fe9dc3d22400e9d50c14a5878e06f7ea3de7ba4e1b001c76f440c9
- Security Headers
-
Name |
Value |
Content-Security-Policy |
|
Strict-Transport-Security |
max-age=31536000; includeSubDomains |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/
|
28 KB
7 KB
|
69ms
26ms
|
Stylesheet
text/css |
2606:4700::6812:bcf
CLOUDFLARENET
|
|
General
- Full URL
- https://maxcdn.bootstrapcdn.com/font-awesome/4.6.1/css/font-awesome.min.css
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/447.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2606:4700::6812:bcf
, United States,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b5d7707ea8fc00aae40bf500ac7498d7f32f6b1bbff7b4fde976a40345eb5f9d
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
|
GET
H2
|
200
|
css
fonts.googleapis.com/
|
4 KB
1 KB
|
65ms
25ms
|
Stylesheet
text/css |
2a00:1450:4001:813::200a
GOOGLE
|
|
General
- Full URL
- https://fonts.googleapis.com/css?family=Roboto:400,700
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/447.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2a00:1450:4001:813::200a
Frankfurt am Main, Germany,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
ESF /
- Resource Hash
- 099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=31536000 |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
0 |
|
GET
H2
|
200
|
forms2.min.js
ecrm.logrhythm.com/js/forms2/js/
Frame 7E4A
|
208 KB
69 KB
|
25ms
25ms
|
Script
application/x-javascript |
104.17.74.206
CLOUDFLARENET
|
|
General
- Full URL
- https://ecrm.logrhythm.com/js/forms2/js/forms2.min.js
- Requested by
- Host: ecrm.logrhythm.com
URL: https://ecrm.logrhythm.com/index.php/form/XDFrame
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_ECDSA, AES_128_GCM
- Server
-
104.17.74.206
-, ,
ASN13335
(CLOUDFLARENET, US),
- Reverse DNS
- Software
-
cloudflare /
- Resource Hash
- b3fb9332b030dc33a418be1bcd7282c9052c287fb923bd36295cb3d01db9a861
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=63072000; |
X-Content-Type-Options |
nosniff |
|
GET
DATA
|
200
OK
|
truncated
/
|
31 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
31 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
170 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
22 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
21 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
21 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
22 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
33 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
57 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
39 KB
0
|
|
Image
image/png |
|
|
|
GET
DATA
|
200
OK
|
truncated
/
|
176 KB
0
|
|
Image
image/png |
|
|
|
GET
H2
|
200
|
268.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
159 KB
54 KB
|
18ms
16ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
689.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
16 KB
6 KB
|
34ms
32ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
421.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
64 KB
16 KB
|
34ms
33ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
796.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
109 KB
25 KB
|
31ms
30ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
200
|
605.js
cdn-app.pathfactory.com/production/jukebox-lite/current/
|
3 KB
2 KB
|
33ms
32ms
|
Script
application/javascript |
13.32.99.99
AMAZON-02
|
|
|
GET
H2
|
204
|
website_forms
jukebox.pathfactory.com/api/public/v1/
|
0
684 B
|
123ms
123ms
|
XHR
text/plain |
54.82.195.36
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-72E778C0-10607&visitorUuid=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Requested by
- Host: cdn-app.pathfactory.com
URL: https://cdn-app.pathfactory.com/production/jukebox-lite/current/jukebox.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
54.82.195.36
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-54-82-195-36.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
- Security Headers
-
Name |
Value |
X-Content-Type-Options |
nosniff |
|
OPTIONS
H2
|
200
|
website_forms
jukebox.pathfactory.com/api/public/v1/
Frame
|
0
0
|
109ms
108ms
|
Preflight
|
54.82.195.36
AMAZON-AES
|
|
General
- Full URL
- https://jukebox.pathfactory.com/api/public/v1/website_forms?clientId=LB-72E778C0-10607&visitorUuid=&url=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
54.82.195.36
Ashburn, United States,
ASN14618
(AMAZON-AES, US),
- Reverse DNS
- ec2-54-82-195-36.compute-1.amazonaws.com
- Software
-
/
- Resource Hash
|
POST
H2
|
200
|
page_views
jukebox.pathfactory.com/api/public/v1/
|
153 B
1 KB
|
178ms
178ms
|
XHR
application/json |
54.82.195.36
AMAZON-AES
|
|
|
GET
H2
|
200
|
insent
logrhythm.widget.insent.ai/
|
79 KB
23 KB
|
122ms
17ms
|
Script
binary/octet-stream |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
|
OPTIONS
H2
|
200
|
page_views
jukebox.pathfactory.com/api/public/v1/
Frame
|
0
0
|
110ms
110ms
|
Preflight
|
54.82.195.36
AMAZON-AES
|
|
|
GET
H2
|
200
|
/
logrhythm.widget.insent.ai/
Frame DB3B
|
3 KB
2 KB
|
17ms
16ms
|
Document
text/html |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/insent
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- e755b42b549e312b4d52a94f4c8353782ecff4a57237b4e546d4aa7b34bd093b
|
GET
H2
|
200
|
env.js
logrhythm.widget.insent.ai/
Frame DB3B
|
378 B
748 B
|
17ms
15ms
|
Script
application/javascript |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/env.js
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- 89a36badc95907fd50278438a72934c399417a57418c19e6a3720750df9f40c9
|
GET
H2
|
200
|
pusher.min.js
js.pusher.com/6.0/
Frame DB3B
|
64 KB
18 KB
|
413ms
22ms
|
Script
application/javascript |
52.222.213.67
AMAZON-02
|
|
|
GET
H2
|
200
|
vendors.8bc401d3.js
logrhythm.widget.insent.ai/static/js/
Frame DB3B
|
1 MB
350 KB
|
21ms
20ms
|
Script
application/javascript |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/static/js/vendors.8bc401d3.js
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- cca2c1220898b50b9b229e65806691e058a924ab20ca18f015b65512dc19fb9a
|
GET
H2
|
200
|
commons.bb9c1912.js
logrhythm.widget.insent.ai/static/js/
Frame DB3B
|
209 KB
57 KB
|
107ms
106ms
|
Script
application/javascript |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/static/js/commons.bb9c1912.js
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- 08a26d1e0ccf53b7c589b5629ff34578193d4f8c43a25f176180e7237803bf1a
|
GET
H2
|
200
|
reduxComponents.be024c74.js
logrhythm.widget.insent.ai/static/js/
Frame DB3B
|
50 KB
12 KB
|
109ms
108ms
|
Script
application/javascript |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/static/js/reduxComponents.be024c74.js
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- f26f86b768b8f10ca0f4d2e808f4c29c343cdd464b062c514709fd14b5c7675a
|
GET
H2
|
200
|
main.c4970931.chunk.js
logrhythm.widget.insent.ai/static/js/
Frame DB3B
|
112 KB
28 KB
|
109ms
109ms
|
Script
application/javascript |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.widget.insent.ai/static/js/main.c4970931.chunk.js
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/?project_key=eCHZJAVbbvK7Q39sF6oo&blog_url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&event_listener=c8DPIE73YkgLN9C&marketo_cookies=[%22_mch-logrhythm.com-1661737352953-91197%22]&parent_innerwidth=1600&parent_innerheight=1200&widgetVisibility=true&locale=undefined
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:225e:a800:f:7ae2:7780:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
AmazonS3 /
- Resource Hash
- 86872c7d15472abf59127d5d2d48f5431a4d1108d1dbe60a4277e7a9ba059361
|
GET
H2
|
200
|
english.json
logrhythm.widget.insent.ai/
Frame DB3B
|
6 KB
2 KB
|
16ms
15ms
|
XHR
application/json |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
|
OPTIONS
H2
|
204
|
getuser
logrhythm.api.insent.ai/
Frame
|
0
0
|
498ms
425ms
|
Preflight
|
2600:9000:2491:5600:16:c97c:4100:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.api.insent.ai/getuser?url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:2491:5600:16:c97c:4100:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
getuser
logrhythm.api.insent.ai/
Frame DB3B
|
1 KB
2 KB
|
1658ms
1658ms
|
XHR
application/json |
2600:9000:2491:5600:16:c97c:4100:93a1
AMAZON-02
|
|
General
- Full URL
- https://logrhythm.api.insent.ai/getuser?url=logrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F
- Requested by
- Host: logrhythm.widget.insent.ai
URL: https://logrhythm.widget.insent.ai/static/js/vendors.8bc401d3.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_128_GCM
- Server
-
2600:9000:2491:5600:16:c97c:4100:93a1
, United States,
ASN16509
(AMAZON-02, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 72336e428e82ce0a5284e92d81e91734a63b91001982bc37403cf900d318bffb
- Security Headers
-
Name |
Value |
Strict-Transport-Security |
max-age=15552000; includeSubDomains |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
logo-logrhythm-1657126227445
attachments.insent.ai/logrhythm/
Frame DB3B
|
48 KB
49 KB
|
118ms
17ms
|
Image
application/octet-stream |
2600:9000:2490:e00:d:ed29:200:93a1
AMAZON-02
|
|
|
POST
H3
|
204
|
collect
region1.google-analytics.com/g/
|
0
17 B
|
59ms
22ms
|
Ping
text/plain |
2001:4860:4802:34::36
GOOGLE
|
|
General
- Full URL
- https://region1.google-analytics.com/g/collect?v=2&tid=G-1FE13FG8WE&gtm=2oe8o0&_p=1765339552&cid=471849105.1661737353&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661737352&sct=1&seg=0&dl=https%3A%2F%2Flogrhythm.com%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&dt=Page%20not%20found%20-%20LogRhythm&en=blog_subscription_load&ep.page=%2Fblog%2Fdeep-dive-into-plugx-malware%2F%27%2F&ep.host=logrhythm.com&ep.type=Marketo%20Blog%20Subscribe%20Form%20Load&ep.marketoFormID=1920&_et=2
- Requested by
- Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1FE13FG8WE&l=dataLayer&cx=c
- Protocol
- H3
- Security
- QUIC,
, AES_128_GCM
- Server
-
2001:4860:4802:34::36
, United States,
ASN15169
(GOOGLE, US),
- Reverse DNS
- Software
-
Golfe2 /
- Resource Hash
- e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
|
GET
H2
|
200
|
close.ec75d473.svg
logrhythm.widget.insent.ai/static/media/
Frame DB3B
|
340 B
711 B
|
16ms
15ms
|
Image
image/svg+xml |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
|
GET
H2
|
200
|
Rubik.woff2
logrhythm.widget.insent.ai/
Frame DB3B
|
33 KB
33 KB
|
16ms
16ms
|
Font
font/woff2 |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
|
GET
H2
|
206
|
definite.9606d071.wav
logrhythm.widget.insent.ai/static/media/
Frame DB3B
|
86 KB
86 KB
|
17ms
16ms
|
Media
audio/x-wav |
2600:9000:225e:a800:f:7ae2:7780:93a1
AMAZON-02
|
|
|