decoded.avast.io Open in urlscan Pro
34.111.249.39  Public Scan

58 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/	219 KB 220 KB	241ms 145ms	Document text/html	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / PHP/8.0.30 Resource Hash f54226ea2ca01a502c04e6875cb141749a622dc3dbb1b8eac86fd78c7303b760 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-type text/html; charset=UTF-8 date Wed, 25 Sep 2024 11:03:25 GMT link <https://decoded.avast.io/wp-json/>; rel="https://api.w.org/" <https://decoded.avast.io/wp-json/wp/v2/posts/8182>; rel="alternate"; title="JSON"; type="application/json" <https://decoded.avast.io/?p=8182>; rel=shortlink server nginx/1.22.1 via 1.1 google x-powered-by PHP/8.0.30
GET H2	200	js Show response www.googletagmanager.com/gtag/	248 KB 88 KB	108ms 44ms	Script application/javascript	2a00:1450:4001:82f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-GSVBRGE9D6 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 92c634c721525a2a1c442a1c599aa7272205b91870877d0a3e5c00a9b97c31be Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/ Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 content-encoding br cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Wed, 25 Sep 2024 11:03:25 GMT access-control-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 90161 date Wed, 25 Sep 2024 11:03:25 GMT x-xss-protection 0 content-type application/javascript; charset=UTF-8 vary Accept-Encoding server Google Tag Manager access-control-allow-headers Cache-Control
GET		5243b073-4f43-4ba6-9669-fd5b35ebd5c9 https://decoded.avast.io/	0 0
GET H2	200	style.min.css decoded.avast.io/wp-includes/css/dist/block-library/	110 KB 110 KB	27ms 25ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/css/dist/block-library/style.min.css?ver=6.6.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash fb3a89cc6347e098063bd15f285bc90411846ddce6f17812364feedab67a67f5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "66eafd6c-1b72b" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 112427 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Wed, 18 Sep 2024 16:18:52 GMT server nginx/1.22.1
GET H2	200	default.css decoded.avast.io/wp-content/plugins/syntax-highlighting-code-block/vendor/scrivo/highlight-php/styles/	1 KB 1 KB	24ms 24ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/syntax-highlighting-code-block/vendor/scrivo/highlight-php/styles/default.css?ver=1.5.0 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 98d96d59b69f1b5d6ec4eaa8e2c2c6880c2a849253ef08269e2811eb80fb3d8a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "66439701-487" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1159 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Tue, 14 May 2024 16:53:21 GMT server nginx/1.22.1
GET H2	200	min.css decoded.avast.io/wp-content/themes/johannes/assets/css/	180 KB 180 KB	26ms 26ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 8b7f6b3b98d203b064eeb91445b8bfc6f5bec3a2e7b76af8a23a7cb6cd0d8add Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "659c046a-2cf57" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 184151 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Mon, 08 Jan 2024 14:19:22 GMT server nginx/1.22.1
GET H2	200	common.css decoded.avast.io/wp-content/themes/johannes-avast/css/	9 KB 9 KB	52ms 50ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes-avast/css/common.css?ver=1.0.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash ea8eff1ffc764c919755555223e130a9567d8576673fa14dddc753f99deb1f9b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65c11f41-2554" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9556 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Mon, 05 Feb 2024 17:47:45 GMT server nginx/1.22.1
GET H2	200	dark.css decoded.avast.io/wp-content/themes/johannes-avast/css/	0 81 B	52ms 50ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes-avast/css/dark.css?ver=1.0.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65a013d9-0" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Thu, 11 Jan 2024 16:14:17 GMT server nginx/1.22.1
GET H2	403	a2abe1aedb.js kit.fontawesome.com/	0 0	216ms 141ms	Stylesheet text/plain	2606:4700:4400::ac40:93bc CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/a2abe1aedb.js?ver=6.6.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::ac40:93bc , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/ Response headers access-control-max-age 3000 x-request-id F_h30wneck1sbOMW7Q0i cache-control max-age=0, private, must-revalidate cf-cache-status MISS access-control-allow-methods GET, OPTIONS cf-ray 8c8a870f3f77d362-FRA access-control-allow-origin * content-length 22 date Wed, 25 Sep 2024 11:03:25 GMT vary Accept-Encoding server cloudflare access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token
GET H2	200	css fonts.googleapis.com/	3 KB 898 B	109ms 37ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 22e3e5a5098518183419cf5eddef58dcc88e9abe94e2956cc1c88af5fb29603a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/ Response headers content-encoding gzip x-content-type-options nosniff expires Wed, 25 Sep 2024 11:03:25 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css; charset=utf-8 last-modified Wed, 25 Sep 2024 11:03:25 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	main.css decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/css/	9 KB 9 KB	52ms 50ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.3 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 059a4ceac2ef55e9e1707329e116e850eca295235bc122c6ec8c1e08db90e1a6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "650b7a5c-2490" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9360 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Wed, 20 Sep 2023 23:03:56 GMT server nginx/1.22.1
GET H2	200	frontend-gtag.min.js Show response decoded.avast.io/wp-content/plugins/google-analytics-for-wordpress/assets/js/	11 KB 12 KB	53ms 51ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js?ver=9.0.1 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash d7bdba02afa8c04c13f280c71a50f8c8186c883711c5dabbd13566dd738bff0a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "66c85e0d-2da9" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11689 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Fri, 23 Aug 2024 10:01:49 GMT server nginx/1.22.1
GET H2	200	jquery.min.js Show response decoded.avast.io/wp-includes/js/jquery/	86 KB 86 KB	60ms 59ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "64ecd5ef-15601" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 87553 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Mon, 28 Aug 2023 17:14:23 GMT server nginx/1.22.1
GET H2	200	jquery-migrate.min.js Show response decoded.avast.io/wp-includes/js/jquery/	13 KB 13 KB	57ms 55ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "6482bd64-3509" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13577 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Fri, 09 Jun 2023 05:49:24 GMT server nginx/1.22.1
GET H2	200	Asset-22ldpi.png wordpress-salat-test.storage.googleapis.com/sites/2/2019/06/	3 KB 4 KB	104ms 27ms	Image image/png	2a00:1450:4001:806::201b GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://wordpress-salat-test.storage.googleapis.com/sites/2/2019/06/Asset-22ldpi.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 250fd3e1a88e39683d7798ac68311b15d4dd859903bc8faec08c37c0142f2c72 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/ Response headers x-goog-metageneration 1 x-goog-meta-goog-reserved-file-mtime 1561633500 x-goog-hash crc32c=sgy9KA==, md5=mqL116kwyCc+VltqOyFvCQ== etag "9aa2f5d7a930c8273e565b6a3b216f09" age 1109 x-goog-stored-content-encoding identity expires Wed, 25 Sep 2024 11:44:56 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-goog-stored-content-length 3109 date Wed, 25 Sep 2024 10:44:56 GMT last-modified Fri, 10 Feb 2023 17:05:44 GMT content-type image/png x-guploader-uploadid AD-8ljtXK4XvvAammJhBeXf1DNJbNjQojytYwI-RX3GnDBNA4n1x46VEupvyEatC8Fc3ScCWg4s cache-control public, max-age=3600 x-goog-storage-class STANDARD accept-ranges bytes x-goog-generation 1676048744816897 content-length 3109 content-language en server UploadServer
GET H2	200	AdobeStock_640258322-1920x500.jpeg decoded.avast.io/wp-content/uploads/sites/2/2024/02/	149 KB 149 KB	65ms 64ms	Image image/jpeg	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/AdobeStock_640258322-1920x500.jpeg Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash e53b9188adb8653538907662bb00c0b79f285134bbc8ffca8821e48c60534f55 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dcc10c-2526c" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 152172 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/jpeg last-modified Mon, 26 Feb 2024 16:49:16 GMT server nginx/1.22.1
GET H3	200	vuln_triggered-1024x390.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	227 KB 227 KB	24ms 23ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/vuln_triggered-1024x390.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash a04ff24932ae4b90e7a4cb2d035d3f5f87df518270531ea8e3814c6befbe1db6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc905a-38a35" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 231989 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:21:30 GMT server nginx/1.22.1
GET H3	200	appid_device_acl.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	30 KB 30 KB	24ms 24ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/appid_device_acl.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 46704a89ade8bc72ba176b394f6858df973513bd765c7e09a02e289127b98e9a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc906d-78ff" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30975 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:21:49 GMT server nginx/1.22.1
GET H3	200	imagesloaded.min.js Show response decoded.avast.io/wp-includes/js/	5 KB 5 KB	30ms 29ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash b65b3de1bc923b9355248a0d941a0eaee15dfb9a6b8eadb51323a8df6189dcd1 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "64d67b72-1590" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5520 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Fri, 11 Aug 2023 18:18:26 GMT server nginx/1.22.1
GET H3	200	masonry.min.js Show response decoded.avast.io/wp-includes/js/	24 KB 24 KB	27ms 26ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/masonry.min.js?ver=4.2.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "5ee520a7-5e4a" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 24138 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Sat, 13 Jun 2020 18:53:27 GMT server nginx/1.22.1
GET H3	200	jquery.masonry.min.js Show response decoded.avast.io/wp-includes/js/jquery/	2 KB 2 KB	24ms 24ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/jquery/jquery.masonry.min.js?ver=3.1.2b Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "57b604a2-71b" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1819 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Thu, 18 Aug 2016 18:55:30 GMT server nginx/1.22.1
GET H3	200	min.js Show response decoded.avast.io/wp-content/themes/johannes/assets/js/	112 KB 112 KB	28ms 28ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes/assets/js/min.js?ver=1.1.3 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 5f730e0adb0db34601edf0b7449dae5bcd766311ca1aadf57d58126c554fe2ef Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "659c04ac-1bf17" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 114455 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Mon, 08 Jan 2024 14:20:28 GMT server nginx/1.22.1
GET H3	200	main.js Show response decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/js/	551 B 570 B	28ms 27ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/js/main.js?ver=1.3 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 8efd7ef0887f8d97df1f68248a4d6f603ab11021a0f683e61584227ee7a71909 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "650b7a5c-227" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 551 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Wed, 20 Sep 2023 23:03:56 GMT server nginx/1.22.1
GET H3	200	new-tab.js Show response decoded.avast.io/wp-content/plugins/page-links-to/dist/	34 KB 34 KB	29ms 29ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/page-links-to/dist/new-tab.js?ver=3.3.7 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 6dceecf8eaa03968e40b767206be8a36a13d7444557fced227454ae4f100e5c9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "664396f5-8687" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34439 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Tue, 14 May 2024 16:53:09 GMT server nginx/1.22.1
POST H2	204	collect region1.google-analytics.com/g/	0 0	87ms 29ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-GSVBRGE9D6&gtm=45je49n0v9105797091za200&_p=1727262205228&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&gdid=dZGIzZG&cid=255226309.1727262205&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727262205&sct=1&seg=0&dl=https%3A%2F%2Fdecoded.avast.io%2Fjanvojtesek%2Flazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day%2F&dt=Lazarus%20and%20the%20FudModule%20Rootkit%3A%20Beyond%20BYOVD%20with%20an%20Admin-to-Kernel%20Zero-Day%20-%20Avast%20Threat%20Labs&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.forceSSL=true&ep.link_attribution=true&tfd=432 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-GSVBRGE9D6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://decoded.avast.io alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/plain server Golfe2
GET H3	200	dark.css decoded.avast.io/wp-content/themes/johannes-avast/css/	0 16 B	29ms 29ms	Stylesheet text/css	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes-avast/css/dark.css Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65a013d9-0" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 date Wed, 25 Sep 2024 11:03:25 GMT content-type text/css last-modified Thu, 11 Jan 2024 16:14:17 GMT server nginx/1.22.1
GET H3	200	johannes-font.ttf decoded.avast.io/wp-content/themes/johannes/assets/fonts/	3 KB 3 KB	29ms 28ms	Font application/octet-stream	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes/assets/fonts/johannes-font.ttf? Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 6e1ba7b6b625d488b2be3593d5ec5c3fca1fc192e9b3475573bf75af25b4cde9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://decoded.avast.io Referer https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3 Response headers etag "659c0460-b88" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2952 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/octet-stream last-modified Mon, 08 Jan 2024 14:19:12 GMT server nginx/1.22.1
GET H3	200	7Auwp_0qiz-afTLGLQ.woff2 fonts.gstatic.com/s/muli/v29/	32 KB 32 KB	62ms 26ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTLGLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash f68d37d474952b1fbe30def1b69e63e79c46a70263433285783b69ac0107b929 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://decoded.avast.io Referer https://fonts.googleapis.com/ Response headers age 126525 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Tue, 23 Sep 2025 23:54:40 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Mon, 23 Sep 2024 23:54:40 GMT last-modified Wed, 13 Sep 2023 22:41:22 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 32796 x-xss-protection 0 server sffe
GET H3	200	fontawesome-webfont.woff2 decoded.avast.io/wp-content/themes/johannes/assets/fonts/	75 KB 75 KB	28ms 27ms	Font font/woff2	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/themes/johannes/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://decoded.avast.io Referer https://decoded.avast.io/wp-content/themes/johannes/assets/css/min.css?ver=1.1.3 Response headers etag "659c0460-12d68" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77160 date Wed, 25 Sep 2024 11:03:25 GMT content-type font/woff2 last-modified Mon, 08 Jan 2024 14:19:12 GMT server nginx/1.22.1
GET H3	200	socicon.woff decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/fonts/	98 KB 98 KB	28ms 27ms	Font font/woff	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/fonts/socicon.woff Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.3 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 004581f917268ca890df89f8b85327a2b5b9b0cc8cf1f78c6d810a0e3ae71af4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://decoded.avast.io Referer https://decoded.avast.io/wp-content/plugins/meks-easy-social-share/assets/css/main.css?ver=1.3 Response headers etag "650b7a5c-18764" via 1.1 google accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 100196 date Wed, 25 Sep 2024 11:03:25 GMT content-type font/woff last-modified Wed, 20 Sep 2023 23:03:56 GMT server nginx/1.22.1
GET H3	200	7Auwp_0qiz-afTzGLRrX.woff2 fonts.gstatic.com/s/muli/v29/	29 KB 29 KB	57ms 22ms	Font font/woff2	142.250.185.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/muli/v29/7Auwp_0qiz-afTzGLRrX.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Muli%3Aregular%2C900%2C700&ver=1.1.3 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f3.1e100.net Software sffe / Resource Hash 6f968e2b575a4921967e9ccb21f184904b8cc5dfb92a1847c72732c85a8cc33d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://decoded.avast.io Referer https://fonts.googleapis.com/ Response headers age 107810 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Wed, 24 Sep 2025 05:06:35 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 24 Sep 2024 05:06:35 GMT last-modified Wed, 13 Sep 2023 22:45:59 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 30028 x-xss-protection 0 server sffe
GET H3	200	wp-emoji-release.min.js Show response decoded.avast.io/wp-includes/js/	18 KB 18 KB	23ms 23ms	Script application/javascript	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2 Requested by Host: decoded.avast.io URL: https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "6643971a-4926" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 18726 date Wed, 25 Sep 2024 11:03:25 GMT content-type application/javascript last-modified Tue, 14 May 2024 16:53:46 GMT server nginx/1.22.1
GET H3	200	patch_diaphora-1-1024x332.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	90 KB 90 KB	26ms 22ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/patch_diaphora-1-1024x332.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 1d879f504b32fe63b87c0586a49e3c06af71ccd663219a4d2a97cf236d45a430 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc9091-1673c" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 91964 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:22:25 GMT server nginx/1.22.1
GET H3	200	offsets.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	35 KB 35 KB	31ms 27ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/offsets.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 610ee2fcb67545fa1cb1fb92e6d3a58d1ef6c53ac8073652594de297f21b5242 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc90c3-8d81" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 36225 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:23:15 GMT server nginx/1.22.1
GET H3	200	direct_syscall.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	30 KB 30 KB	28ms 25ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/direct_syscall.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash b6646390f27d973a31c2425bff0ddccab0cee45f0a646fae5f3f2aa2c4072145 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc90e3-78b3" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30899 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:23:47 GMT server nginx/1.22.1
GET H3	200	rootkit_main.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	54 KB 54 KB	53ms 49ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/rootkit_main.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash b21394a4e4bafd76aab785ffc2e9330946a849ad7d511b5051d58faa2463971f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc9109-d681" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 54913 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:24:25 GMT server nginx/1.22.1
GET H3	200	vaccines.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	14 KB 14 KB	51ms 48ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/vaccines.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 8b992cb5791db17eec4cce7a5e7b1adf2d8ff4a1356ba5e8b829860914985d90 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc912c-36fc" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14076 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:25:00 GMT server nginx/1.22.1
GET H3	200	pooltag_check.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	38 KB 38 KB	40ms 36ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/pooltag_check.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 31a0715b1ca458fb0b6371788f65d847f4b4d8fe43c89ef6644d3c24760a36e4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc916e-966b" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38507 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:26:06 GMT server nginx/1.22.1
GET H3	200	is_active_callout.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	103 KB 103 KB	41ms 37ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/is_active_callout.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash aaf01e0d1ceebf1243985f818d7a37b006d5bc065060cfd428290a74c45b761f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc918f-19b90" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 105360 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:26:39 GMT server nginx/1.22.1
GET H3	200	etw_activesystemloggers-1.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	67 KB 67 KB	41ms 37ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/etw_activesystemloggers-1.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 6c975ed52611adee57fbe7109c58af4c6b68bb349bae6a42573f5f5e63cf57d7 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65defe82-10b80" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68480 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Wed, 28 Feb 2024 09:36:02 GMT server nginx/1.22.1
GET H3	200	EtwEventEnabled-2-1024x610.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	146 KB 146 KB	47ms 43ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/EtwEventEnabled-2-1024x610.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 8cacecfc04185080b05775e03f926f7f81ea4bb0a28f2f192b77660b643497f9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc91d2-248c9" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 149705 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:27:46 GMT server nginx/1.22.1
GET H3	200	sleep_thread.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	8 KB 9 KB	51ms 47ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/sleep_thread.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 1da54685099ba617c730a9d23bd879e12fec97773efb0353ff21143fb7dc0da8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc91f4-21f8" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8696 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:28:20 GMT server nginx/1.22.1
GET H3	200	windbg_handle_table_entry.png decoded.avast.io/wp-content/uploads/sites/2/2024/02/	29 KB 29 KB	52ms 48ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/02/windbg_handle_table_entry.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash cabf8a3fb8bd90617ff9c942c4b768c465b8b11797b08679823d272ba6d8b80c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "65dc920f-74eb" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29931 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Mon, 26 Feb 2024 13:28:47 GMT server nginx/1.22.1
GET H3	200	CC-featured-image-344x194.png decoded.avast.io/wp-content/uploads/sites/2/2024/07/	66 KB 66 KB	52ms 49ms	Image image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/07/CC-featured-image-344x194.png Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 9d8e584c6cc0924db4aefdb99267de5d2cf1a96d76b4396a8a787e546c06a909 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "669903fe-1099e" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67998 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Thu, 18 Jul 2024 12:01:02 GMT server nginx/1.22.1
GET H3	200	donex-344x194.jpeg decoded.avast.io/wp-content/uploads/sites/2/2024/07/	22 KB 22 KB	50ms 46ms	Image image/jpeg	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/07/donex-344x194.jpeg Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 2dddb414eee8c1f7a745d0e2a39ea0f12bd4e98187730b66dcd702fc779dc535 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "6686b272-58a1" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 22689 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/jpeg last-modified Thu, 04 Jul 2024 14:32:18 GMT server nginx/1.22.1
GET H3	200	krzysztof-hepner-C1JTOq_uTpY-unsplash-344x194.jpg decoded.avast.io/wp-content/uploads/sites/2/2024/06/	10 KB 10 KB	49ms 46ms	Image image/jpeg	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Show image Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2024/06/krzysztof-hepner-C1JTOq_uTpY-unsplash-344x194.jpg Requested by Host: decoded.avast.io URL: https://decoded.avast.io/wp-includes/js/imagesloaded.min.js?ver=5.0.0 Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash b55907481ff48a21f92a7d380cdecc004c766d3141a24053a6ee2ea5216d170d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "667162cc-290e" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 10510 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/jpeg last-modified Tue, 18 Jun 2024 10:34:52 GMT server nginx/1.22.1
GET H3	200	cropped-Asset-25ldpi-32x32.png decoded.avast.io/wp-content/uploads/sites/2/2019/07/	1 KB 1 KB	23ms 23ms	Other image/png	34.111.249.39 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://decoded.avast.io/wp-content/uploads/sites/2/2019/07/cropped-Asset-25ldpi-32x32.png Protocol H3 Security QUIC, , AES_128_GCM Server 34.111.249.39 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 39.249.111.34.bc.googleusercontent.com Software nginx/1.22.1 / Resource Hash 4975e5df87c9b12ffd93060e4f4b5d7459de5b5be628a8198542695f0016b039 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/ Response headers cache-control max-age=315360000 etag "5d26025c-417" via 1.1 google expires Thu, 31 Dec 2037 23:55:55 GMT accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1047 date Wed, 25 Sep 2024 11:03:25 GMT content-type image/png last-modified Wed, 10 Jul 2019 15:21:00 GMT server nginx/1.22.1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

decoded.avast.io

URL

blob:https://decoded.avast.io/5243b073-4f43-4ba6-9669-fd5b35ebd5c9