www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Submission: On February 16 via api (February 16th 2024, 2:11:14 am UTC) from TR — Scanned from DE

Summary HTTP 183 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 26 domains to perform 183 HTTP transactions. The main IP is 2606:4700::6812:6e2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 171980.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
77	2606:4700::68... 2606:4700::6812:6e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	65.9.95.30 65.9.95.30	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:1c00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.95.45 65.9.95.45	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.95.105 65.9.95.105	16509 (AMAZON-02) (AMAZON-02)
1	52.71.116.217 52.71.116.217	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
6	2.18.97.115 2.18.97.115	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	13.32.27.21 13.32.27.21	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.103 13.32.99.103	16509 (AMAZON-02) (AMAZON-02)
2	2a05:d018:94a... 2a05:d018:94a:8a01:e18d:a0de:5092:6397	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:6c2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.196.132.224 18.196.132.224	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.19 18.66.112.19	16509 (AMAZON-02) (AMAZON-02)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	52.7.198.231 52.7.198.231	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700:440... 2606:4700:4400::ac40:966b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
183	37

77 2606:4700::6812:6e2f (United States)

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 65.9.95.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-30.prg50.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:1c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-45.prg50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.95.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-105.prg50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.116.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-116-217.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.97.115 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-97-115.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-21.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-103.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a01:e18d:a0de:5092:6397 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6c2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.132.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-19.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.198.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-198-231.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:966b (United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
78	darkreading.com www.darkreading.com — Cisco Umbrella Rank: 171980 c.darkreading.com — Cisco Umbrella Rank: 407928	994 KB
27	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 www3.doubleclick.net — Cisco Umbrella Rank: 19594 stats.g.doubleclick.net — Cisco Umbrella Rank: 113	210 KB
15	googlesyndication.com a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 158 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	346 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 378	289 KB
9	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 44804	120 KB
7	moatads.com z.moatads.com — Cisco Umbrella Rank: 814 mb.moatads.com — Cisco Umbrella Rank: 1066 px.moatads.com — Cisco Umbrella Rank: 660	115 KB
4	informa.com static.iris.informa.com — Cisco Umbrella Rank: 61048	328 KB
4	google.com marketingplatform.google.com — Cisco Umbrella Rank: 16581 region1.analytics.google.com — Cisco Umbrella Rank: 2400 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9707	1 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 2124 in.ml314.com — Cisco Umbrella Rank: 11454	11 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15338 eu01.in.treasuredata.com — Cisco Umbrella Rank: 27573	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 52	241 KB
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 208184	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 7966	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 825 script.hotjar.com — Cisco Umbrella Rank: 1119	60 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 355849 assets.ubembed.com — Cisco Umbrella Rank: 14341	49 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 737	29 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2975	258 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1396	201 B
1	google.de www.google.de — Cisco Umbrella Rank: 5654	408 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1739	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 612	312 B
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 996	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 191	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 48	1 KB
183	26

	Domain	Requested by
76	www.darkreading.com	www.darkreading.com
25	securepubads.g.doubleclick.net	www.darkreading.com pagead2.googlesyndication.com
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
9	eu-images.contentstack.com	www.darkreading.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com tpc.googlesyndication.com pagead2.googlesyndication.com
5	px.moatads.com	www.darkreading.com
4	static.iris.informa.com	www.darkreading.com
3	bam.eu01.nr-data.net	www.darkreading.com
3	www.googletagmanager.com	www.darkreading.com
2	api.iiris.com	www.darkreading.com
2	ml314.com	z.moatads.com ml314.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
2	www.google.com	securepubads.g.doubleclick.net www.darkreading.com
1	js-agent.newrelic.com	www.darkreading.com
1	in.ml314.com	ml314.com
1	mb.moatads.com	z.moatads.com
1	vc.hotjar.io	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	z.moatads.com	securepubads.g.doubleclick.net
1	a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	www.google.de	www.darkreading.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	marketingplatform.google.com	www.darkreading.com
1	www3.doubleclick.net	1 redirects
1	geolocation.onetrust.com	www.darkreading.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	www.darkreading.com
1	connect.facebook.net	www.darkreading.com
1	fonts.googleapis.com	www.darkreading.com
183	39

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
blog.talosintelligence.com
ve.informaengage.com
www.blackhat.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-25` - `2024-02-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.js.ubembed.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-05`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M02	`2024-02-07` - `2025-03-08`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-01-01` - `2024-03-31`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
iiris.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Frame ID: 6179B3378DFB99294BCA9A2D6315B41B
Requests: 160 HTTP requests in this frame

Frame: https://a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 1452032FD9E4093BCBA1E617DD5D22B8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js
Frame ID: B68965B92F8F18904475A8E0D646B34E
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunlAhNTzc9XO47t_COLZr4B0gacvN4IX-q2Wl_Hg8SCx2lEqiPo9yZCO-oT2cOhPBlT6-EaKqy5NkFJtyS1a3mz2J8kI03DbckOAY8fpGvNVoViqjZ9vCdnBLi3vByBcDBTLhBCGknBSR1WruAVO4fvPDL74M2-KAJk9TVvQ2k8EYaFwpS0nwmDrWdmXjDMQsuwJT3S3s-g2kuWcwDDqgrAbJ7d0xNJElQpX54DWKO914x3AdI36_7eZBGwG9RIPqZf-8OQChzdGevd42dlR0EeTWvf3vsG95rKL29rz80Wk6adb28fu-tfXrnGUarm2osKdrd8rNzmpT0Z6F9UZCsfwlXaw2JjcUdKKjJiza76YXD_xfPIaecugM1QqcdBE96iBlj&sai=AMfl-YRDfVK272Hk12AiMHoRdKy2nZo3TnSmLwxBQ8hmFaGR2AJLetzwXaKqZc084Ob53Ejd8CBbmqr3pD5ojri007VAURXr817Vvqn6nBvQZI7jBGV3UUdRxzF3xSKEEQ&sig=Cg0ArKJSzIoJqD8hFN7uEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: E10F9DF11FC885BBCFC8783F9DAB22FC
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 942DAEA5009E58C8473652958BAA96AB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D3B28061317C6141F2FECDE68064D84D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOsCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

183
Requests

99 %
HTTPS

62 %
IPv6

26
Domains

39
Subdomains

37
IPs

5
Countries

2892 kB
Transfer

9013 kB
Size

22
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos&title=Russian%20APT%20Turla%20Wields%20Novel%20Backdoor%20Malware%20Against%20Polish%20NGOs

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/tinyturla-next-generation/
Title: blog post published today on Turla

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf74&ch=sbx&cid=_upcoming_webinars_8.500001397&_mc=_upcoming_webinars_8.500001397
Title: Making Sense of Security Operations Data

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo213&ch=sbx&cid=_upcoming_webinars_8.500001406&_mc=_upcoming_webinars_8.500001406
Title: Unbiased Testing. Unbeatable Results

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_clow50&ch=sbx&cid=_upcoming_webinars_8.500001398&_mc=_upcoming_webinars_8.500001398
Title: Your Everywhere Security Guide: 4 Steps to Stop Cyberattacks

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_apii04&ch=sbx&cid=_upcoming_webinars_8.500001396&_mc=_upcoming_webinars_8.500001396
Title: API Security: Protecting Your Application's Attack Surface

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo212&ch=sbx&cid=_upcoming_webinars_8.500001399&_mc=_upcoming_webinars_8.500001399
Title: Securing the Software Development Life Cycle from Start to Finish

Search URL Search Domain Scan URL

URL: https://ve.informaengage.com/virtual-events/cybersecuritys-hottest-new-technologies-what-you-need-to-know/?ch=sbx&cid=_session_16.500316&_mc=_session_16.500316
Title: Cybersecurity's Hottest New Technologies - Dark Reading March 21 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/asia-24/?cid=_session_16.500313&_mc=_session_16.500313
Title: Black Hat Asia - April 16-19 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/tr-24/?cid=_session_16.500312&_mc=_session_16.500312
Title: Black Hat Spring Trainings - March 12-15 - Learn More

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

183 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request russian-apt-turla-novel-backdoor-malware-polish-ngos Show response
www.darkreading.com/cyberattacks-data-breaches/ 234 KB
47 KB 1068ms
1051ms Document
text/html 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c37ae7b69b1fa446ea0bfba3234165caae7f47ac894cb6415470da07cec5c269

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: EXPIRED
cf-ray: 856242157b6539df-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 16 Feb 2024 02:11:08 GMT
last-modified: Thu, 15 Feb 2024 22:51:44 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 styles.generated-4XZZNIWX.css
www.darkreading.com/build/_assets/ 8 KB
3 KB 40ms
33ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-4XZZNIWX.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 1266282
etag: W/"1e46-18d605a9288"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a039df-FRA

GET
H2 200 swiper.min-FCSS2HML.css
www.darkreading.com/build/_assets/ 5 KB
3 KB 26ms
20ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/swiper.min-FCSS2HML.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 6637386
cf-polished: origSize=6255
etag: W/"186f-18c20679af0"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a239df-FRA

GET
H2 200 brand.generated-BJEG7MSG.css
www.darkreading.com/build/_assets/ 374 KB
47 KB 33ms
27ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-BJEG7MSG.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb03f47be374b1eeced807c368c4015291dfa617c580ee1320b4c45add40d4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 06 Feb 2024 13:55:29 GMT
server: cloudflare
age: 743356
cf-polished: origSize=383566
etag: W/"5da4e-18d7eb3cc68"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a439df-FRA

GET
H2 200 RussianHacking_SciencePhotoLibrary-AlamyStock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2b69b4ff20c3bb48/65b2fc198a28cb040a0b941d/ 3 KB
4 KB 33ms
8ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2b69b4ff20c3bb48/65b2fc198a28cb040a0b941d/RussianHacking_SciencePhotoLibrary-AlamyStock.jpg?width=850&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

3a7c7d89a7cc321f791e1aa2e947c911c0ea3764e02e84bfb301c1d191ac0fbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 778248
x-cache: HIT, HIT
fastly-io-info: ifsz=114990 idim=1200x931 ifmt=jpeg ofsz=2978 odim=850x659 ofmt=webp
filename1: custom
content-disposition: inline; filename=RussianHacking_SciencePhotoLibrary-AlamyStock.webp
fastly-stats: io=1
content-length: 2978
x-request-id: bc131402e71908fb8c5ba6c40601e3d3
x-served-by: cache-ams21035-AMS, cache-fra-etou8220067-FRA
x-runtime: 89ms
server: contentstack
x-timer: S1708049469.838679,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "jBQAO+q8SEhack0e7Us3YmbjTjDs4zoM9Dds3hbThXs"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 14, 1

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 50ms
26ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 01:00:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 16 Feb 2024 02:11:08 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 57ms
37ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 42500
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66f60ca1-801e-000e-0e3e-0d1033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421c3b60bb49-FRA
expires: Sat, 17 Feb 2024 02:11:08 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 51ms
31ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jEXNH7qItSS8Y+G7eM2k2w==
age: 71794
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Wed, 14 Feb 2024 03:39:00 GMT
server: cloudflare
etag: 0x8DC2D0E7BAD4130
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6b2ce26c-701e-0057-1111-5f97b0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421c3b63bb49-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 96 KB
29 KB 52ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59175fd22cdb07b78a5fbbe397903f08c7e01b7cdec69a927e5782f3341fead5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29115
x-xss-protection: 0
server: cafe
etag: 492 / 19769 / m202402120101 / config-hash: 7618136491434172592
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 02:11:08 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 3 KB
3 KB 77ms
71ms Image
image/png 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888802
cf-polished: origSize=4020
etag: W/"fb4-18bfba43688"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 8562421c38ee39df-FRA
content-length: 2815

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 28ms
28ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Feb 2024 17:53:09 GMT
server: cloudflare
etag: W/"65c66685-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8562421c48f639df-FRA
expires: Sun, 18 Feb 2024 02:11:08 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 23ms
9ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3891b93ecee23b5a101de27a676ad281cb9f7457304da4474864f3ae4fffa3fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Feb 2024 02:11:08 GMT
content-md5: Isbd8FSwnWt260qx+4BZ4Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: S1/NKnoBoO+A2bNXGnc9hRzLrFGlDdvi1J9VA+9WnXEmoNvoAaT69H33gwKZuO49Jtx/x0EQd1jr01Lz6Rg5wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 75ab2277da95598589455a515b7be12c
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b52f623c589bfe4f88a6996a4f855d33"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 16 Feb 2024 02:17:23 GMT

GET
H2 200 entry.client-VOU2QAI4.js Show response
www.darkreading.com/build/ 546 B
455 B 26ms
20ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VOU2QAI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6730233
cf-polished: origSize=547
etag: W/"223-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a539df-FRA

GET
H2 200 chunk-654PJEY4.js Show response
www.darkreading.com/build/_shared/ 121 KB
40 KB 31ms
25ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-654PJEY4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6734112
cf-polished: origSize=124372
etag: W/"1e5d4-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a639df-FRA

GET
H2 200 chunk-ADOFUXDS.js Show response
www.darkreading.com/build/_shared/ 122 KB
28 KB 41ms
35ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADOFUXDS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=125229
etag: W/"1e92d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c18a839df-FRA

GET
H2 200 chunk-KQKZX6A4.js Show response
www.darkreading.com/build/_shared/ 52 KB
18 KB 60ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KQKZX6A4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 6636636
cf-polished: origSize=54355
etag: W/"d453-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ab39df-FRA

GET
H2 200 chunk-ZSCMMWXX.js Show response
www.darkreading.com/build/_shared/ 1006 B
628 B 40ms
34ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZSCMMWXX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6726813
cf-polished: origSize=1007
etag: W/"3ef-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ad39df-FRA

GET
H2 200 chunk-OBEVOL5F.js Show response
www.darkreading.com/build/_shared/ 2 KB
833 B 31ms
26ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-OBEVOL5F.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2645e554797a578477d38fceb78d8554e21092c5496c2fd15b6fd93d34f8b5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1549
etag: W/"60d-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ae39df-FRA

GET
H2 200 chunk-TFR26LLE.js Show response
www.darkreading.com/build/_shared/ 2 KB
899 B 30ms
24ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TFR26LLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 1144840
cf-polished: origSize=1765
etag: W/"6e5-18d605a9288"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28b139df-FRA

GET
H2 200 chunk-ZGWUNTUF.js Show response
www.darkreading.com/build/_shared/ 1 MB
379 KB 73ms
68ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZGWUNTUF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98427af2c5ab02eff6e10aafa56c4a0b6d3edb93714a4967c985cc3237892fc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1232478
etag: W/"12ce5e-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28b739df-FRA

GET
H2 200 chunk-CVO5CTBH.js Show response
www.darkreading.com/build/_shared/ 2 KB
1004 B 40ms
35ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CVO5CTBH.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58492c25443d26194f9139174ec0897138e098653d0c08a9b68198fc653bff2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1867
etag: W/"74b-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28b939df-FRA

GET
H2 200 chunk-2MQOLYJ6.js Show response
www.darkreading.com/build/_shared/ 99 B
157 B 41ms
36ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MQOLYJ6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ba39df-FRA

GET
H2 200 chunk-4OFPQ62H.js Show response
www.darkreading.com/build/_shared/ 99 B
187 B 37ms
32ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4OFPQ62H.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6719729
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28bb39df-FRA

GET
H2 200 chunk-KBZXRMSP.js Show response
www.darkreading.com/build/_shared/ 2 KB
793 B 55ms
50ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KBZXRMSP.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eea02350a885ad78757a2ce5b1cf0a6ef85f2ae5efc8b20d18c4dcc7ecbc95d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1873
etag: W/"751-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28bc39df-FRA

GET
H2 200 chunk-JSLP45NT.js Show response
www.darkreading.com/build/_shared/ 445 B
418 B 40ms
36ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSLP45NT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1863101
cf-polished: origSize=446
etag: W/"1be-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28bd39df-FRA

GET
H2 200 chunk-EJDXW353.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 38ms
34ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EJDXW353.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28be39df-FRA

GET
H2 200 chunk-W42GJVNL.js Show response
www.darkreading.com/build/_shared/ 286 B
278 B 70ms
65ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W42GJVNL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1863101
cf-polished: origSize=287
etag: W/"11f-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28bf39df-FRA

GET
H2 200 chunk-WJ5XHI5J.js Show response
www.darkreading.com/build/_shared/ 20 KB
5 KB 46ms
42ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WJ5XHI5J.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cbb2bbe655e579266c5189d67477f39fae190c2884ee3d9407417dbbfa79a5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=20880
etag: W/"5190-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c039df-FRA

GET
H2 200 chunk-QF2327UI.js Show response
www.darkreading.com/build/_shared/ 294 B
307 B 36ms
32ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QF2327UI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888811
cf-polished: origSize=295
etag: W/"127-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c239df-FRA

GET
H2 200 chunk-5U6ANQX2.js Show response
www.darkreading.com/build/_shared/ 99 KB
31 KB 59ms
54ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5U6ANQX2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3aefbfdba6dd23d150e9b435e10344cd7870759930913fdffabe3491ffae15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 114002
cf-polished: origSize=101214
etag: W/"18b5e-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c339df-FRA

GET
H2 200 chunk-LPFDFK5X.js Show response
www.darkreading.com/build/_shared/ 2 KB
804 B 40ms
36ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-LPFDFK5X.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f4eab23614eb9e9f57d83487f7b4b911bdd11b2ccf621d159a60c4d0f2c6991

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1539
etag: W/"603-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c439df-FRA

GET
H2 200 chunk-J56IETE6.js Show response
www.darkreading.com/build/_shared/ 99 B
171 B 44ms
40ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J56IETE6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6734112
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c539df-FRA

GET
H2 200 chunk-YY3URPCC.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 40ms
35ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YY3URPCC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72974388b63358434fe886e35399d6ffc7171f812cdac3b32f73b06f66520a60

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=4407
etag: W/"1137-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c739df-FRA

GET
H2 200 chunk-NYVDH3MD.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 47ms
43ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NYVDH3MD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888809
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c839df-FRA

GET
H2 200 chunk-7Z2VFYWP.js Show response
www.darkreading.com/build/_shared/ 73 KB
24 KB 48ms
44ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7Z2VFYWP.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38d9df1d9bcc54b20b5a90614e78a9d938b797ca2a483ed17c12358df4b91f11

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=76519
etag: W/"12ae7-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28c939df-FRA

GET
H2 200 chunk-BGVAJVIT.js Show response
www.darkreading.com/build/_shared/ 268 B
325 B 40ms
36ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BGVAJVIT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=269
etag: W/"10d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ca39df-FRA

GET
H2 200 chunk-RV3JR3RD.js Show response
www.darkreading.com/build/_shared/ 99 B
163 B 45ms
41ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RV3JR3RD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888808
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28cb39df-FRA

GET
H2 200 chunk-U4RHUKDM.js Show response
www.darkreading.com/build/_shared/ 99 B
157 B 53ms
50ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-U4RHUKDM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28cc39df-FRA

GET
H2 200 chunk-WDD67XQQ.js Show response
www.darkreading.com/build/_shared/ 15 KB
6 KB 52ms
48ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WDD67XQQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=15141
etag: W/"3b25-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28cd39df-FRA

GET
H2 200 chunk-XTZ4KE6J.js Show response
www.darkreading.com/build/_shared/ 133 KB
41 KB 58ms
54ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XTZ4KE6J.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1603deb2ef986a9d2da127022d8a03a5357c542a9ac9ee85fd41d8505492551

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=136793
etag: W/"21659-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28ce39df-FRA

GET
H2 200 chunk-AEBM4IWQ.js Show response
www.darkreading.com/build/_shared/ 99 B
177 B 46ms
42ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AEBM4IWQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888808
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28cf39df-FRA

GET
H2 200 chunk-JGXHW6NN.js Show response
www.darkreading.com/build/_shared/ 213 KB
74 KB 60ms
56ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JGXHW6NN.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3bf582e15a712c2602bcc7d9bffd24083d655fcf09ce3d8acac0decff12e1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=218614
etag: W/"355f6-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d139df-FRA

GET
H2 200 root-WMZKY4HO.js Show response
www.darkreading.com/build/ 43 KB
13 KB 54ms
51ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-WMZKY4HO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7870d76c8c46ecf4461dd5d69eb4930cef535da64159a2322227564709a6dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 114002
cf-polished: origSize=44036
etag: W/"ac04-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d239df-FRA

GET
H2 200 chunk-ZHVRPDBG.js Show response
www.darkreading.com/build/_shared/ 1 KB
808 B 51ms
48ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZHVRPDBG.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f87e8135dd37ac5bdce2e3adc6442ef92f14606802a54a8cd82e73f97a19b44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1499
etag: W/"5db-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d339df-FRA

GET
H2 200 chunk-PULSW7VO.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 56ms
53ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-PULSW7VO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c77cde240865b6409218f927cd88ff158b78ae943f0899b0db4da5cf55c95c80

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=3211
etag: W/"c8b-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d439df-FRA

GET
H2 200 chunk-WSL5O4GC.js Show response
www.darkreading.com/build/_shared/ 2 KB
764 B 50ms
47ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WSL5O4GC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2edf5c54d5168cfd216ba16af186bd1d0d8ea214aafd58f45cb357b7ee8f094

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=2070
etag: W/"816-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d539df-FRA

GET
H2 200 chunk-KRUVPYBM.js Show response
www.darkreading.com/build/_shared/ 1 KB
681 B 49ms
46ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KRUVPYBM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97aeeacf485a26aa10526f039539de4f6bab1206e6161f9a00d23ad72e4ac56d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1240
etag: W/"4d8-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d639df-FRA

GET
H2 200 chunk-MZ5KS7VK.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 56ms
53ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-MZ5KS7VK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8eda42e59ee9cdb2e0430f8e4cd23f6c9afaaf33b08f1dc0f5ef747ee80efd93

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=9083
etag: W/"237b-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d739df-FRA

GET
H2 200 chunk-HCNUPANO.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 74ms
72ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HCNUPANO.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

768e3560f3716fcaf180e99f67c8c34074d3bbccfa668a4f33b7378d5c76f6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=4128
etag: W/"1020-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d839df-FRA

GET
H2 200 chunk-6GEGUMFF.js Show response
www.darkreading.com/build/_shared/ 975 B
660 B 73ms
70ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6GEGUMFF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1863101
cf-polished: origSize=976
etag: W/"3d0-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28d939df-FRA

GET
H2 200 chunk-HQRTWE5A.js Show response
www.darkreading.com/build/_shared/ 594 B
499 B 58ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HQRTWE5A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 5745868
cf-polished: origSize=595
etag: W/"253-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28da39df-FRA

GET
H2 200 chunk-YXJ3G5FQ.js Show response
www.darkreading.com/build/_shared/ 2 KB
776 B 69ms
66ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YXJ3G5FQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa5dcd0acdb87789fd61b499d0a7949a0ae68943dd19ce14eab899846bc3920

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1664
etag: W/"680-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28db39df-FRA

GET
H2 200 chunk-WVOYCPZM.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 57ms
54ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WVOYCPZM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f0fc9b345ef02fd5ea97e5f6203ce9e793afe414c8e3c52f84de4df176593f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=2247
etag: W/"8c7-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c28dc39df-FRA

GET
H2 200 chunk-6A2GLJQM.js Show response
www.darkreading.com/build/_shared/ 99 B
157 B 38ms
36ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6A2GLJQM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38dd39df-FRA

GET
H2 200 chunk-Z2DZYJDT.js Show response
www.darkreading.com/build/_shared/ 225 KB
75 KB 75ms
72ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-Z2DZYJDT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50177ac3c42d7ada1970bf25406b64c02b5ccf8d6584442c6f9af8cea33130b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=230749
etag: W/"3855d-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38de39df-FRA

GET
H2 200 chunk-ZEJRPHAH.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 57ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZEJRPHAH.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ed33cbc7e1e4cb00616297a3d9ccbc9734ea52602c5f73b0341c18ba71773f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=3232
etag: W/"ca0-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38df39df-FRA

GET
H2 200 chunk-YB2PZH4U.js Show response
www.darkreading.com/build/_shared/ 99 B
190 B 57ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YB2PZH4U.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6818770
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e139df-FRA

GET
H2 200 chunk-GY4YSMUY.js Show response
www.darkreading.com/build/_shared/ 99 B
162 B 51ms
49ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GY4YSMUY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6724822
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e339df-FRA

GET
H2 200 chunk-7ABGLIHU.js Show response
www.darkreading.com/build/_shared/ 99 B
198 B 58ms
56ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7ABGLIHU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 1863101
cf-polished: origSize=100
etag: W/"64-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e439df-FRA

GET
H2 200 chunk-PDL5JPOK.js Show response
www.darkreading.com/build/_shared/ 2 KB
994 B 58ms
56ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-PDL5JPOK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf7d2763df5141a292d5554796dab9a8d365265bd3cd00b756bc372b2a9c1b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=2484
etag: W/"9b4-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e539df-FRA

GET
H2 200 chunk-IYLOKEEU.js Show response
www.darkreading.com/build/_shared/ 430 KB
61 KB 76ms
74ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-IYLOKEEU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54ece1590fb3a1c1b80cf6e3c6dc149ccfd2001e1888b5f99bdb36e701dd4a78

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=440616
etag: W/"6b928-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e639df-FRA

GET
H2 200 chunk-GWQGHW6C.js Show response
www.darkreading.com/build/_shared/ 1 KB
769 B 58ms
56ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GWQGHW6C.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86e55d09ac7f9e31d76aae3602f9bf72e1928e2925858104c942ed486a0c5219

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1296
etag: W/"510-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e739df-FRA

GET
H2 200 chunk-O3UKIHBF.js Show response
www.darkreading.com/build/_shared/ 1000 B
554 B 57ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-O3UKIHBF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bedfcca8db64f1ffd34dcaa513b726426baf81a96c3e2f6eef87a09aa52ffff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=1001
etag: W/"3e9-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38e939df-FRA

GET
H2 200 chunk-3MS3TJ6I.js Show response
www.darkreading.com/build/_shared/ 99 B
184 B 57ms
56ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3MS3TJ6I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38ea39df-FRA

GET
H2 200 chunk-UUGVZPQT.js Show response
www.darkreading.com/build/_shared/ 1 KB
670 B 57ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-UUGVZPQT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25bc92b9969888c951c49a12f706534458e014353ee5e21c31da0afcffa2da93

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320638
cf-polished: origSize=1062
etag: W/"426-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38eb39df-FRA

GET
H2 200 $topic.$slug-ST5QLQLE.js Show response
www.darkreading.com/build/routes/ 202 KB
63 KB 68ms
67ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug-ST5QLQLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4130e2e911a45999c37b0d6c2580fbe4ead140cacebc975633ae9fc1c4ff0bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320639
cf-polished: origSize=207576
etag: W/"32ad8-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421c38ed39df-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 69ms
54ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8562421d0f0f5d3d-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 37ms
23ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 46314
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 59ff7cb2-901e-0012-7548-234253000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421cfee79231-FRA
expires: Sat, 17 Feb 2024 02:11:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 355 KB
105 KB 58ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9bf98d65fa1348fad3cfbc8ea72bbe92e824ee20db77698f9963cd907b971563

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 107857
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:51:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 02:11:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
45 KB 48ms
28ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76fe72e535b7964a7bcf83c0025cb9088e1c7b9c8acc3b53555e024c9c86d973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46197
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:51:57 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Feb 2024 02:11:08 GMT

GET
H2 200 manifest-B097BBFD.js Show response
www.darkreading.com/build/ 34 KB
3 KB 28ms
28ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-B097BBFD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9bb7f688260060d6a3797dbdf9ef3a791a35428a463b9eba7b9a4c12a2701a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 08 Feb 2024 12:25:24 GMT
server: cloudflare
age: 320638
etag: W/"8764-18d88ae0b20"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098039df-FRA

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
333 B 24ms
23ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 6644558
etag: W/"22a-18c20679af0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098139df-FRA

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
409 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 6652492
etag: W/"1ed-18c20679af0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098239df-FRA

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
346 B 21ms
21ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888801
etag: W/"1c1-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098539df-FRA

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
377 B 19ms
19ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888801
etag: W/"1d7-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098739df-FRA

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
345 B 21ms
21ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
etag: W/"190-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098939df-FRA

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
299 B 18ms
17ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888800
etag: W/"110-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098a39df-FRA

GET
H2 200 Twitter-YP6RMFLT.svg
www.darkreading.com/build/_assets/ 891 B
575 B 20ms
19ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-YP6RMFLT.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6738330
etag: W/"37b-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098b39df-FRA

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
520 B 20ms
20ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6730231
etag: W/"309-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098c39df-FRA

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
706 B 22ms
22ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6809892
etag: W/"471-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098d39df-FRA

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
529 B 26ms
26ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6730231
etag: W/"2e5-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098e39df-FRA

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
477 B 22ms
22ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
etag: W/"2f0-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d098f39df-FRA

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
288 B 21ms
21ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6818768
etag: W/"131-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d099039df-FRA

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
488 B 23ms
23ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 6888793
etag: W/"54d-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 8562421d099139df-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 38ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 15:14:07 GMT
x-content-type-options: nosniff
age: 212222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 15:14:07 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 18ms
17ms Image
image/svg+xml 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 2686008
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-etou8220067-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1708049469.979821,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4795, 1

GET
H2 200 Dark_Reading_Logo_Global_k.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/ 11 KB
12 KB 20ms
19ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/Dark_Reading_Logo_Global_k.png?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

25d5f3492df9d263f017fd19be6831e0a6ff7f75e0d87de32de97d14a6fca858

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img20-europe-west2
age: 1283545
x-cache: HIT, HIT
fastly-io-info: ifsz=20304 idim=650x200 ifmt=png ofsz=11448 odim=650x200 ofmt=webp
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo_Global_k.webp
fastly-stats: io=1
content-length: 11448
x-request-id: 0a786ced4605596f364534a454da3dc1
x-served-by: cache-ams21061-AMS, cache-fra-etou8220067-FRA
x-runtime: 54ms
server: contentstack
x-timer: S1708049469.980373,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "gJ7tX+tQI1IIFB1nhxBsSQWC+Mm9PRr8TGgC5OvnHEo"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 357, 1

GET
H2 200 ElizabethMontalbano.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ 114 B
396 B 16ms
16ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ElizabethMontalbano.jpg?width=100&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

22bf4264f4938886e9417e0a63c52978db7d227da618a1ba0de444cbb56c65ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img04-europe-west2
age: 1654253
x-cache: HIT, HIT
fastly-io-info: ifsz=98905 idim=310x310 ifmt=jpeg ofsz=114 odim=100x100 ofmt=webp
filename1: custom
content-disposition: inline; filename=ElizabethMontalbano.webp
fastly-stats: io=1
content-length: 114
x-request-id: 38036d5329522cc38c6607782de32f0c
x-served-by: cache-ams12780-AMS, cache-fra-etou8220067-FRA
x-runtime: 115ms
server: contentstack
x-timer: S1708049469.979988,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "5kKRn4+JJbdKL15Vrb0kStCahOhcY8ljZIjvHXEoHc8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 1

GET
H2 200 ElizabethMontalbano.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ 622 B
923 B 18ms
17ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ElizabethMontalbano.jpg?width=400&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

12e76e4b3ac265bbd5fa3efecd36f7dc104ba2aec70b7379c7b97882b9708b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:08 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 1654253
x-cache: HIT, HIT
fastly-io-info: ifsz=98905 idim=310x310 ifmt=jpeg ofsz=622 odim=310x310 ofmt=webp
filename1: custom
content-disposition: inline; filename=ElizabethMontalbano.webp
fastly-stats: io=1
content-length: 622
x-request-id: a7bf35a9150f0a780e15909ebd5cf328
x-served-by: cache-ams12780-AMS, cache-fra-etou8220067-FRA
x-runtime: 135ms
server: contentstack
x-timer: S1708049469.979972,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "vL1K6ZgV/D5+hMwjv9k4nHT7h9KBeUbk/fiKP7vtQsg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 88, 1

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 81ms
53ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 8562421d4b989000-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 17ms
17ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 80500
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421ddc8ebb49-FRA

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

34ms
15ms

Fetch
text/html

2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Redirect headers

date: Fri, 16 Feb 2024 02:11:09 GMT
x-content-type-options: nosniff
server: sffe
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Fri, 16 Feb 2024 02:41:09 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
299 KB 381ms
14ms Script
application/javascript 65.9.95.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-30.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ed38b48da0789fdc73296f6b06a9e1617c4b59cf1ae849fda0004a7a22414816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:13:33 GMT
x-amz-version-id: ndyu.rUZXTiyeQ8CMP4q1UFBtnIR.RIU
content-encoding: br
last-modified: Thu, 15 Feb 2024 11:13:26 GMT
server: AmazonS3
via: 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"3133c8b080ea6cfdfba16903b3b2ddf9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 53857
x-amz-cf-id: kdB4-sMnfTp2--3azXmmj64xQf6ixmRMdviyTbSBm-w2qL3gdFzuXQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/ 430 KB
135 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 08:54:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 62217
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138518
x-xss-protection: 0
server: cafe
etag: 12880065651029678149
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 14 Feb 2025 08:54:12 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
90 KB 22ms
22ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

38edec2c9f7a356447ee19df7d75bf985c388795b99f1a4ac58ced4fe24526e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92104
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 16 Feb 2024 02:11:09 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 341ms
14ms Script
application/javascript 65.9.95.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-30.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 11:13:33 GMT
x-amz-version-id: JCj5oZWwFy6f5XDT3S5o29v61M74KIOI
content-encoding: br
last-modified: Wed, 13 Dec 2023 10:06:07 GMT
server: AmazonS3
via: 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/"70f51402b25ef5848b8c59b06c3efb78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 53857
x-amz-cf-id: 6cad0dt2F_RKU0grADF0rP82zRFPhclorg10KOfJt4R_-OS1GgjJPA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 49ms
8ms Script
application/x-javascript 2600:9000:2646:1c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:1c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 07:29:28 GMT
content-encoding: gzip
via: 1.1 d147b4a7fe31d4e8683f7d8b15b71906.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 67301
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: z6vi1D7JO346JHnP0GEOCy5J-vl-KskzF8amFRwwqiBahNOecSdNaQ==
expires: Fri, 16 Feb 2024 07:29:28 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 478 B
730 B 48ms
21ms Script
application/javascript 2606:4700:4400::6812:27b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 5356
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 8562421e8f6e9183-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 13 KB
6 KB 166ms
85ms Script
application/javascript 65.9.95.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.95.45 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-95-45.prg50.r.cloudfront.net

Software

Resource Hash

e2b7009bd59dd919249cfe29dbf22131203baacc295b175daf5c850c9e4ee7d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4b7022ec3e11edfdd972039992f837de.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
etag: W/e0d446d0ad6b84d3b501dec907144bc3
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: rll9xc9u9h78xLOPdp5ueitioBpj_eaESFrXD1IZ9T7MjXm-UTymlw==

GET
H2 200 ElizabethMontalbano.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ 2 KB
2 KB 11ms
11ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt3a8c7badad2ca168/64f15cd2b4c236805e4fddad/ElizabethMontalbano.jpg?width=100&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

77f6b55cfd1440472c8a84c8f8814291f8ae57e64f9af315a37215cf0877ce87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img04-europe-west2
age: 1654253
x-cache: HIT, HIT
fastly-io-info: ifsz=98905 idim=310x310 ifmt=jpeg ofsz=2016 odim=100x100 ofmt=webp
filename1: custom
content-disposition: inline; filename=ElizabethMontalbano.webp
fastly-stats: io=1
content-length: 2016
x-request-id: 38036d5329522cc38c6607782de32f0c
x-served-by: cache-ams12780-AMS, cache-fra-etou8220067-FRA
x-runtime: 115ms
server: contentstack
x-timer: S1708049469.187010,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "1QIQy4d5ocPPzyUc+8Uv6RsNo3DPfZTjSU5N9uUrtDE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 RussianHacking_SciencePhotoLibrary-AlamyStock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt2b69b4ff20c3bb48/65b2fc198a28cb040a0b941d/ 93 KB
94 KB 12ms
12ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

eee4e357cd42e07f8cc61bcb7104f453fd180c16a8a90fcbf71a9842cbac29ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 228750
x-cache: HIT, HIT
fastly-io-info: ifsz=114990 idim=1200x931 ifmt=jpeg ofsz=95258 odim=850x659 ofmt=webp
filename1: custom
content-disposition: inline; filename=RussianHacking_SciencePhotoLibrary-AlamyStock.webp
fastly-stats: io=1
content-length: 95258
x-request-id: 1e9d1b36ce5b039a64d859ec21393d05
x-served-by: cache-ams21035-AMS, cache-fra-etou8220067-FRA
x-runtime: 134ms
server: contentstack
x-timer: S1708049469.187002,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "RH0THv582TTgkxEOLZCKlVUNNf5Eu8ioeRaJDsmZKbM"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 23ms
22ms Image
image/svg+xml 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 2686008
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-etou8220067-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1708049469.186990,VS0,VE10
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4431, 1

GET
H2 200 Dark_Reading_Logo_Global_k.png
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/ 4 KB
5 KB 8ms
7ms Image
image/webp 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc8a6395802cafad0/654e0d60123f32040a075bab/Dark_Reading_Logo_Global_k.png?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

93b04b3312ba8f544f1590d50d4ce790bf1363e77d98d2bfb39e8babc6c5b922

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img05-europe-west2
age: 2535047
x-cache: HIT, HIT
fastly-io-info: ifsz=20304 idim=650x200 ifmt=png ofsz=4448 odim=650x200 ofmt=webp
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo_Global_k.webp
fastly-stats: io=1
content-length: 4448
x-request-id: 2b758690cd7691a87652d5fe06e001be
x-served-by: cache-ams21061-AMS, cache-fra-etou8220067-FRA
x-runtime: 80ms
server: contentstack
x-timer: S1708049469.186966,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "+P6yk1vKUcL6TjXVjG346FUIHOsJ0N+ZyF1cSDipIjc"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 10, 1

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 25ms
25ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 60862
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361060ce-b01e-003a-5c53-1423fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421e6f699231-FRA
expires: Sat, 17 Feb 2024 02:11:09 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 17ms
17ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 35252
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8bb80f27-d01e-0013-6e71-141d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421eaf799231-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 15ms
15ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 72204
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2f2e397c-701e-0068-1a77-145f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421eaf7a9231-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 16ms
16ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 34472
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 84c7e417-801e-0098-36b2-1219e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8562421eaf7c9231-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 47ms
26ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je42e0v873922772z8891172384za200&_p=1708049468945&_gaz=1&gcd=13l3l3l3l3&npa=1&dma_cps=sypham&dma=1&cid=464681518.1708049469&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dr=&dt=Russian%20APT%20Turla%20Wields%20Novel%20Backdoor%20Malware%20Against%20Polish%20NGOs&dl=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&sid=1708049469&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=value%20not%20set&ep.content_publish_date=Feb%2015%2C%202024&ep.content_sub_brand=value%20not%20set&ep.content_buyer_journey=value%20not%20set&ep.content_id=blt4d6fa046c42a4de5&ep.content_title=Russian%20APT%20Turla%20Wields%20Novel%20Backdoor%20Malware%20Against%20Polish%20NGOs&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Elizabeth%20Montalbano&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Cyberattacks%20%26%20Data%20Breaches&ep.content_additional_topics=Threat%20Intelligence%2CVulnerabilities%20%26%20Threats&ep.gtm_container_detail=GTM-5523ZCM%7C101&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Fprogram%2Fdr-global-articles&ep.content_program=DR%20Global%20Articles&ep.content_group=Cyberattacks%20%26%20Data%20Breaches&tfd=1504
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 63ms
21ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=464681518.1708049469&gtm=45je42e0v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=464681518.1708049469&gtm=45je42e0v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l3&npa=1&z=674876557

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 61ms
15ms Script
application/javascript 65.9.95.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-105.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 badae0844eca8f0bad6677607d947120.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 12898951
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: Sau5BpcRttN29iNS9v8sxcfxFtDwXrh_2VJIHDTm3XnSc8pRr_Im5w==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 16ms
16ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 68703
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 286fded7-101e-008a-2bbf-216232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 8562421eed30bb49-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 23ms
23ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 70500
x-ms-lease-status: unlocked
last-modified: Wed, 14 Feb 2024 07:11:14 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2b84171a-201e-005a-6f32-5f5f64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 8562421eed32bb49-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 288ms
92ms Image
image/gif 52.71.116.217
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&u=BGZTBFhfGJQDzUv53&d=darkreading.com&g=53678&g0=Cyberattacks%20%26%20Data%20Breaches&g1=Elizabeth%20Montalbano&g4=article&n=1&f=00001&c=0&x=0&m=0&y=5552&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&b=1533&t=DGgMPKBYScwyBOtE7vEsTnHB7mb-T&V=143&i=Russian%20APT%20Turla%20Wields%20Novel%20Backdoor%20Malware%20Against%20Polish%20NGOs&tz=-60&sn=1&sv=C8PR4kDA54NwDcq3ueK6ZGHDyXR4V&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.116.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-116-217.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 976 B
516 B 46ms
46ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469321&lmt=1708037504&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1600x6053&msz=1600x0&fws=0&ohw=0&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=48989557&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a799538838e93da2aa7676f20283ff32e183286516bbf84ea6f0109ea8a3bdae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 486
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
361 B 41ms
41ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469326&lmt=1708037504&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1600x6053&msz=1600x0&fws=0&ohw=0&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2690980561&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d96f176c4721540b52eb9e25e06284de8eb25552618b9a49e6979c6c9625c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1452 6 KB
3 KB 64ms
15ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 02:11:09 GMT
expires: Sat, 15 Feb 2025 02:11:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
366 B 42ms
41ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469382&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_1v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=4195683640&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c059b4444529e48871bd433ef02ee97e2f46f0a0182c267f8f0b84b3546475e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
362 B 48ms
48ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469386&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_2v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2203674406&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10598dfc7db6a221444bf7238e82deecd9b198357dbc566c740f8f04a2b8ee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
360 B 45ms
45ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469387&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_3v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2435984055&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d25bfb89191e6eb128ff9a06b9b53fa46b5ed3b95e04ba0a3b17ebab556f1c3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
362 B 57ms
57ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469389&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_4v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2218370160&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b295a76a041cde3ad94add2a5e3721d2e47a1f8c39252f08ec4157b953b1f7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
362 B 43ms
43ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469390&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_5v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=3116578968&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dca58523d95bff5e5b8e4a155d06fc8de61171a9b7cb98cd8170c4b26b0271c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
364 B 51ms
51ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469391&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_6v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=824748214&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

507f2e10187171421736f0cba83a57f6e40be91282e53d119aaa6ef8aa78e7f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
364 B 60ms
60ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469392&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_7v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=4013952276&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c10af7dd98642da92c1c85587b877489a8545fb5e500c758820a33b312be8bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
359 B 64ms
64ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469393&lmt=1708037504&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D100_8v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=1483222529&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d940418b991ed853e26755a4efdfa1f98ab3612f005faa8480e9a195e435ded

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 328
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 76ms
76ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1708049469395&lmt=1708037504&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1036x5392&msz=1036x0&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2392505608&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f852c8647f4f12c9b4136fb514f492cfb6cea46e8fd808be776931d3ae9cf76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13509
x-xss-protection: 0
google-lineitem-id: 6462372936
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138462033811
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
366 B 61ms
61ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1708049469396&lmt=1708037504&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1036x5392&msz=1036x1&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Doop_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2102354763&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5136e9b239424a642b64d795c1ae14fec3ec586734cac2f611ba4426f75e308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 335
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
364 B 72ms
72ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469397&lmt=1708037504&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1036x5392&msz=1036x1&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=1997086816&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e8e7c745705088218af1323473a4cf43d7e2adcf5106fecc16205da6c0d475a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
362 B 53ms
53ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=14&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469398&lmt=1708037504&adxs=800&adys=5641&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1036x5392&msz=1036x1&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=3867321455&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd39a968fa9534bf4c70e2247105e37cb8b62d6a6bd516ed60edff5a25bb93ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 331
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 790 B
361 B 61ms
61ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=125x125%7C90x90%7C160x65&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469414&lmt=1708037504&adxs=1193&adys=425&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=125x65&msz=125x65&fws=4&ohw=1036&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dlogo_1v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=1492849233&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a19870238293093036cc85b867f2a423bcf9cacac85c94261f264ef87c54d30c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 789 B
364 B 55ms
55ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=16&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469425&lmt=1708037504&adxs=1006&adys=1020&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=324x4724&msz=324x100&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D300_2v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=95412071&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a166dbfc080b495a9340baf7445f40766967d6bc466b03dc698604e0ec8f273e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
25 KB 57ms
57ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=17&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469434&lmt=1708037504&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=1036x5392&msz=1036x50&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D728_1v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=931998314&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

302bab999b7c7d18c8cb6aada72cf6e09ece8a794b53a3f3f057c30ca6b6e111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25684
x-xss-protection: 0
google-lineitem-id: 6474078165
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138462842560
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 789 B
363 B 42ms
42ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=18&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469443&lmt=1708037504&adxs=1006&adys=856&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=324x4724&msz=324x100&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3D300_1v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=4235274643&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1f79489478c709cde7403767fdbe1e1a5e92f00758bbe2503fa56947f765f02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 334
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 786 B
362 B 39ms
39ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=19&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1708049469455&lmt=1708037504&adxs=1154&adys=772&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=324x37&msz=324x5&fws=4&ohw=1600&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dresource_v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2682104090&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18938e6d757f068b44e4acbf4ff3d4872b9ccd52bebf32b129425e7f25e179e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 333
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
174 B 40ms
40ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3762642042075214&correlator=2613494805564221&eid=31079957%2C31081146%2C31079525&output=ldjh&gdfp_req=1&vrg=202402120101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Cprogram%2Cdr-global-articles&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=20&sfv=1-0-40&sc=1&cookie=ID%3D599f50edb5d7344b%3AT%3D1708049469%3ART%3D1708049469%3AS%3DALNI_MZmynifXG-UMWZqVERODdIN87NUPQ&gpic=UID%3D00000d593a110e6f%3AT%3D1708049469%3ART%3D1708049469%3AS%3DALNI_MZqUZOvsYl2AtiPxRGl-hJ0T43fPQ&abxe=1&dt=1708049469486&lmt=1708037504&adxs=1156&adys=938&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=k&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&vis=1&psz=324x4724&msz=324x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=464681518.1708049469&ga_sid=1708049469&ga_hid=431751333&ga_fc=true&dlt=1708049468808&idt=392&prev_scp=pos%3Dnative_right_3v%26ptype%3Darticle%252Cprogram%26nid%3Dblt4d6fa046c42a4de5%26aid%3D646318%26reg%3Danonymous%26program%3Ddr_global_articles%26content%3Dprogram&cust_params=gdpr_banner%3Don&adks=2675028302&frm=20&eo_id_str=ID%3Df64405b8724e2d24%3AT%3D1708049469%3ART%3D1708049469%3AS%3DAA-Afja7SAjt99Q9hmX387aFdASd

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b595a3cd89c98c27258f2394036bba044c7b1da8a12aed5eb913b8b9d5f761f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 145
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame B689 23 KB
9 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:48 GMT

GET
DATA 200
OK truncated
/ Frame B689 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba51ec532de02c85663d720b1a02882f6b76f89ac66574e6f68439b5ae10f88b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E10F 0
0 40ms
40ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsunlAhNTzc9XO47t_COLZr4B0gacvN4IX-q2Wl_Hg8SCx2lEqiPo9yZCO-oT2cOhPBlT6-EaKqy5NkFJtyS1a3mz2J8kI03DbckOAY8fpGvNVoViqjZ9vCdnBLi3vByBcDBTLhBCGknBSR1WruAVO4fvPDL74M2-KAJk9TVvQ2k8EYaFwpS0nwmDrWdmXjDMQsuwJT3S3s-g2kuWcwDDqgrAbJ7d0xNJElQpX54DWKO914x3AdI36_7eZBGwG9RIPqZf-8OQChzdGevd42dlR0EeTWvf3vsG95rKL29rz80Wk6adb28fu-tfXrnGUarm2osKdrd8rNzmpT0Z6F9UZCsfwlXaw2JjcUdKKjJiza76YXD_xfPIaecugM1QqcdBE96iBlj&sai=AMfl-YRDfVK272Hk12AiMHoRdKy2nZo3TnSmLwxBQ8hmFaGR2AJLetzwXaKqZc084Ob53Ejd8CBbmqr3pD5ojri007VAURXr817Vvqn6nBvQZI7jBGV3UUdRxzF3xSKEEQ&sig=Cg0ArKJSzIoJqD8hFN7uEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/ Frame E10F 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/ Frame E10F 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240214/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 16:21:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35362
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 16:21:47 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E10F 204 KB
62 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 01:59:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 698
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62867
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 16 Feb 2024 02:59:31 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame E10F 331 KB
113 KB 49ms
10ms Script
application/x-javascript 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
content-encoding: gzip
last-modified: Wed, 17 Jan 2024 10:57:17 GMT
server: AmazonS3
x-amz-request-id: WY6CB4WF4EKW3ZMQ
etag: "25caf0929000a3e41857d170d9b1a78f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=5869
accept-ranges: bytes
content-length: 115474
x-amz-id-2: /nNaPRpMubSmkr2fcwpNxpc8DKsK6EXj46wLDrFzHe24RdOUNmRfGNj9VZn2nFbvj4YBvk4Uwqg=

GET
H2 200 3588643968586254111
tpc.googlesyndication.com/simgad/ Frame E10F 72 KB
73 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3588643968586254111

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a3ab01e991871cac8246aeb1cdf4e8a2645ccbf1fbda6cf42cd49ad48208533

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:17:51 GMT
date: Tue, 13 Feb 2024 09:17:51 GMT
x-content-type-options: nosniff
age: 233598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74033
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 15:16:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame E10F 0
0 35ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTTMbyAsWXMG-7daDKgxrFX9EKDJS6iKbJBJKC6nvc_Tc4_gU-NEwauC0aIiD3EYYk4-_vp
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402120101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame E10F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d159b75b62bca051e421e5474df91988775bf4246c76c931804bac518042ce90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 modules.e9ecc540a57d29aebf45.js Show response
script.hotjar.com/ 218 KB
55 KB 29ms
7ms Script
application/javascript 13.32.27.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e9ecc540a57d29aebf45.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-21.fra56.r.cloudfront.net

Software

Resource Hash

0f8aa5e7a5e9ccfec4b7c9f5e45308da58b758b347035a808e42bfea00c222cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 17:16:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 32103
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55332
last-modified: Thu, 15 Feb 2024 17:15:35 GMT
etag: "c0fd02d44d882dfd953692a5d13e7049"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: UC8o2qq95J0wsYAVrdJ_IRqx6tqEj1BpEcMz0tcs_-kgP044rE0Pzw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B689 0
26 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJAw6A4si4N2EV_oA2dMj6T5LxIkzQdsUUOSTUSHqcdrsdBkU_UK_Anhv4NFCDo9WmebeQdaABJFSbd6EyrLoTJn2IHH8njRgWrWk8hH93wBv88dNrdadideWuC3u4wmpEIQ2xqcGfQ3jugMD1NvtwamEvIsbvezv2a_10YxdbeEfjKac1HWxQWRAOSuv8v1dxWHOuyaoOI6w2urcxQVzyYtEbhpXUWFrZFevYPIUPPaElzq_mRLDOOhRH3TtxqZ8HqR7N0kEID6FpaJmK55N36hj6xcwgl7a8DqiSKRTl_V2rtXwXrDS4QFX0n1U88jAEI0JSQEIfoESRz15yQZqsL3Q7JC0rsYxjEI1CvEvLhKqiskRPdN7MusRsGvOwIqfrgV9s5uAdTG_rHg&sai=AMfl-YQ4c7Oyfkyidx-mpJJhHSV2n3hf4D_WILjZ5wRwoSucgpEH7VStLU4kix-HFqAbXWY-SM6bZdAn5J5hJWBPNlp2KIk_creW3TWPilfv_91WuzQL0z88BlVpbpW9Fw&sig=Cg0ArKJSzGURT2lXyX5tEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 9038556702081411028
tpc.googlesyndication.com/simgad/ 150 KB
150 KB 8ms
8ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9038556702081411028?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

865d9951a1e25239bce2dc6be920c66202664485388609c10634c59cecd53f32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

expires: Wed, 12 Feb 2025 09:17:51 GMT
date: Tue, 13 Feb 2024 09:17:51 GMT
x-content-type-options: nosniff
age: 233598
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153923
x-xss-protection: 0
last-modified: Tue, 16 Jan 2024 21:56:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 230ms
200ms Fetch
binary/octet-stream 65.9.95.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-30.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Fri, 16 Feb 2024 02:11:10 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
x-amz-cf-pop: PRG50-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: Q52JfNqsYm1jYhJ1BjBPvMp9qE0nXkNZIi0P_S3cncWox2Y7zrtFMA==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 13ms
13ms Script
application/javascript 65.9.95.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.95.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-95-30.prg50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 4614c36172b2854b1e1e94af37435c8e.cloudfront.net (CloudFront)
date: Thu, 15 Feb 2024 07:55:45 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: PRG50-C1
age: 65919
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: -YZS_cdLt_rYGdpTVgYVYNnL-K2jOad7jQKRc_vJJir5PogMCt5QYg==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
19 KB 56ms
8ms Script
application/javascript 13.32.99.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-103.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 08:40:28 GMT
Content-Encoding: gzip
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
Age: 2741442
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: -oaXFeDU0zOmsmERJr8_csGLWx3s_SrDK8wCcexreapfhXpfTkedhw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E10F 0
0 56ms
41ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWSmsX5nLLGXzc6DFHnDjGHt8md7PZ0GJWBJ-YjZCIcsgPvcKt1YqOHrb6SxkONZegvAvKvYUgBNXtNUFGrGM9KkK7fI9n9XNB8KjaSQ9s7_aqIPEblVMy7nN0d7HbcpkHPd9pPkJ6rmO03q473iIJz32krb0F59xws1Jl0W8XImrtoEUNkVLnOfBVRncprfbLlwcRfjZ4_8-Zhu7AGJ_wOGPeNnvhj9tSJk6pZKd7uUBPPcv7GSOi9eLPL-egQ41O9sWDj0l1jNAeB-hX9Knfai_b3dEKkh8clG96fc2MRga0q1PnvWdZPPN3cz4TPKosZ4un1b3z3BV8W5xKegzqCX51Dw-kI8NFECwap2pxGlXGXLzkr_R9M9zaUxgzNkr20PfBnBI&sai=AMfl-YSxuJAIFufrQZhSz26aKxQDyM8oX3vkraBL-yU4iN4Jyu8NrZTxKTWi_A0ImItItOecuYojXumm2GhyHOI5C0Nwwg4ahieDTMiEV4WixDpKutZu_KfjItahP3amrw&sig=Cg0ArKJSzNbbbO_PNxyOEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 16 Feb 2024 02:11:09 GMT

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 112ms
33ms Preflight 2a05:d018:94a:8a01:e18d:a0de:5092:6397
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a01:e18d:a0de:5092:6397 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 88fd10a3-0d0b-4cf2-a089-9639b718dfeb

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 49ms
49ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a01:e18d:a0de:5092:6397
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a01:e18d:a0de:5092:6397 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

da4f87cb9b6f75f2b0c42fd9be6e3fc8cb1a0b2c5d1a3cd88ced03f59bfbaf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: f6052365-baf8-4dde-9bcc-8bd036b649d7
content-length: 1804
content-type: application/x-amz-json-1.1

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 147ms
129ms Preflight 2606:4700::6812:6c2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6c2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 85624222ba7b381f-FRA
content-length: 0
date: Fri, 16 Feb 2024 02:11:10 GMT
server: cloudflare

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
329 B 133ms
132ms Ping
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 856242238e1b39df-FRA
content-length: 2

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 35ms
7ms Preflight 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1708049469864

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 21ms
8ms Fetch
application/json 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1708049469864

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H2 204 2610568 Show response
vc.hotjar.io/sessions/ 0
258 B 63ms
33ms XHR
text/plain 18.66.112.19
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.087242550569965
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-19.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.9.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 edffe6978db53d114a80cda421e0b6b8.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.9.3
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: fGlgVSb1NsdeeBawZhJfn5oL4XyXniLoRWWZhrYdI_gIq_UL6HnO4A==

GET
H2 200 tag.aspx Show response
ml314.com/ Frame E10F 31 KB
10 KB 46ms
7ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1612024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:01:19 GMT
via: 1.1 google
content-encoding: br
age: 590
x-guploader-uploadid: ABPtcPpDO_ENgQeXwmn5NcvYqwKgE6tMan_0ass2la6BpEqmNEAv3S6NfAb28Ho5JoJJ_2HVYGvT9vec3g
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10218
last-modified: Mon, 18 Dec 2023 20:13:43 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-hash: crc32c=P2fgBQ==, md5=IwpC9BBrIFbFRmT73giztw==
x-goog-generation: 1702930423872068
content-language: en
content-type: application/javascript
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32241
accept-ranges: bytes
cache-id: FRA-1209ea83

GET
H2 200 n.js Show response
mb.moatads.com/ 100 B
278 B 130ms
43ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijYK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1708049469891&de=208645482072&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=2&cb=0&ym=0&cu=1708049469891&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&bo=22316126855&bp=23018719412&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1212%3A1781%3A0%3A1226&fs=207009&na=598151779&cs=0&callback=MoatDataJsonpRequest_72405159
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: e31c10efdc6f9ab7c1e76851bb911c1a826c676e72ce705ed484986215ac4308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
server: istio-envoy
etag: "803b76ea6fecc874efb09be220a15f060923054c"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 20
timing-allow-origin: *
content-length: 100

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 10ms
9ms Image
image/gif 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1708049469891&de=208645482072&m=0&ar=805b0ce1b97-clean&iw=24ec2dc&q=3&cb=0&ym=0&cu=1708049469891&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&bo=22316126855&bp=23018719412&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1212%3A1781%3A0%3A1226&fs=207009&na=19891177&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Feb 2024 02:11:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 9ms
9ms Image
image/gif 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3588643968586254111&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijYK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&f=0&j=&t=1708049469891&de=208645482072&cu=1708049469891&m=43&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6143&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1212%3A1781%3A0%3A1226&as=0&ag=16&an=0&gf=16&gg=0&ix=16&ic=16&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=16&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=32&cd=0&ah=32&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&bo=22316126855&bp=23018719412&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=709030816&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Feb 2024 02:11:09 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame E10F 62 B
254 B 29ms
28ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&pv=1708049469948_mn7gni3p5&bl=en-us&cb=1061059&return=&ht=&d=&dc=&si=1708049469948_mn7gni3p5&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1612024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:09 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame E10F 20 B
482 B 454ms
158ms Script
application/javascript 52.7.198.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1612024&v=2.5.5.72
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1612024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.198.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-198-231.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date: Fri, 16 Feb 2024 02:11:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 17 Feb 2024 02:11:10 GMT

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 4 KB
2 KB 123ms
122ms XHR
application/json 2606:4700:4400::ac40:966b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&limit=4&mode=db&item_age=12

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:966b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

121f37922bf20fc3612db0eac5c4c330e712a33bc1dbd4a99a4d488f3f95a6b5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjENr//////////wEaCWV1LXdlc3QtMSJIMEYCIQCTcO0NKp+96iFUzOpl7yYaTCxn1uAH6JPZyi3k0Lz5HQIhAI+XVxcPV7kNsgY2KHWZsOEhyNPWUx6/kamNhQQh8NYBKtIFCLP//////////wEQAxoMMDU2MDQzMTcwODk5IgzOi5ZKbAzIVfOxRUEqpgWfuJr+RD/bOQPWjRBi8pOona4KELdrJcaEqMs+6YeinJzlMPaGo3sSFZfnn2HL/6XMNeYUjm74XBB3QVN9VHmnNgW+tpRQN0cymb2BrkX3c/npF+haci7IJJogmVrJvg4T1NbvNasm1NK7UG1HfSYK6KDWzTIyvXPvfGx8EcIzAc7EnsyzsgahE32vr449LM1x1xeNmiKnbyIaAtqggVuCcsd9a4wI3ZcTlhEfna5pLQ73vweuPJ8XE7aFaWfOUvdmvD2dZgAEtKX7wlQIBNSYN2yizyibZ4lxF4ndYt+4r29sA6CkUjBBRT1ZO8D4s5LZhI6f4eAlnfUPu+eCoZcP3wZCDrBJ4LOLkyQuRisxfcVcDJ6EEyqgcypcpqtuEQOCjE8+r6AH1/4kUGJuOmSwnOyCs5540Hhq7OG7/M0IJvhAafzhBuThR5ph5/ycPkBrKAa7u5oB8WKj5ZOa3ENmVz1790l1tqsVrcq+nRBm0ntfErC0J60aBK08jtjhp72THc2Zj4cnW5o9FLRZJO5WyA6ukNHNTmNxbhQGGsiqDm4AuvJjxGFNMlkzQcAevsmR1eiQWrgOwgIoVDIJ1RDPq01H1J77+KYu4XWVoEEAu8QptQUhR9bUVrMx5QV1GjKnCZ1gVjlh/+1RFzvznEJWu2DoHgVaCF2vPtXuebXYvEwu5Xs13fyWknDqFmyoCzmkmy59BaHFojIdc2ePH7NE8Jfgzwe8zNMmI0kp7mP7GECbA4YX+VN7YCgTDFH8rY3f0bHNeZV/31KHNJ/o7HpkFhzQuKDbXIReuXWRh3pUSvaJr71yFtmBU73zhT/cAh1Gx96u9DdML//8YhNiZv3Ndsn7swSRMYp0iAxz/Kom9JfL9ErxQQnsyTJwXS8KSU8hOT4DwhAwvYi7rgY63AI2uKefTdL531+I/FuomG0Y4GnCxJWZOme9vMbQxhmWBCNL++gYqX4ZihbbV2Bq1RjdfJYnUysP1RqRmQmO34wQO2kHNwSawMHDp5MkxhFATipo9RV9DQrEC1w+1IGPq39L8rx2fF1zKzKGnkR9HYzcoaue8VZptxIF4j2/60PNydyTNRkEV8qGIY/jfdPq7Anf/nLTgQwu28E63zzmLu4VsIrvK5G1ABUcFLzM1AQEkDt3MICl+1xPM2KWLsaOhoDt4h8QdMmjO6A0/Ajt2k/U9Krw1/1W/vGyzNM1dupYs1HqGB4xHX/0tBYnLspFd2lvyQ3MFU1Ok29HfN6CXBupFuwpQQ2kl61ieX1mzm9+09UaSoGTMyPc7/Oh/s/80pfF3uC+EkYB+RjoVE+RgyA+tXFzxwB72UBM0rwpw7Xj9MKuChMQUqzvFmMQckp45nG4q6Nx71PyR44nwu0=
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
x-amz-date: 20240216T021110Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJ7WYGJ24W/20240216/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=8641e7464b793d3128433551b4e252253ee3baf1ba00ed6536ae045a55b6d71d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3835
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: 5e2ce41f-127c-41c7-b244-9b23d8617e9f
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: TNOZwF_PjoEFxLg=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate, max-age=86400, private
cf-ray: 856242245b7b3a73-FRA
x-amzn-remapped-date: Fri, 16 Feb 2024 02:11:10 GMT
expires: 0

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 118ms
100ms Preflight
application/json 2606:4700:4400::ac40:966b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:966b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 85624223bb093a73-FRA
content-length: 0
content-type: application/json
date: Fri, 16 Feb 2024 02:11:10 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: TNOZwF11DoEF74w=
x-amzn-requestid: 89eda8f2-edf9-4924-af78-272cecb0b908
x-content-type-options: nosniff

GET
H2 200 nr-spa-1.252.0.min.js Show response
js-agent.newrelic.com/ 88 KB
29 KB 23ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-amz-version-id: 1zTB_zIu9GsCJr9CnWa8NksGpEL6v25e
content-encoding: br
via: 1.1 varnish
date: Fri, 16 Feb 2024 02:11:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: 5E1XWXKWZT4Q47QR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29571
x-amz-id-2: at7mrRrouoz2tfKGc3hqMZhGq8gY1P70lzKNHde27BcoCqTHmRfqri3jElW+kATmHT7njH28HwU=
x-served-by: cache-fra-etou8220082-FRA
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
x-timer: S1708049470.424027,VS0,VE0
etag: "1b4209d0ae18545976f7eb2c5f94d6b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 146223

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 36ms
22ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402120101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8553234c07a57dbbdd0d15bbeaf2731ec066399ec4dc1199beac5624ba46d8fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12304
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
145 B 34ms
27ms XHR
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-e946a715773bef8c----1708049470409
traceparent: 00-3cd9cf7a41834294e8aba8560f680241-e946a715773bef8c-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiZTk0NmE3MTU3NzNiZWY4YyIsInRyIjoiM2NkOWNmN2E0MTgzNDI5NGU4YWJhODU2MGY2ODAyNDEiLCJ0aSI6MTcwODA0OTQ3MDQwOSwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 856242261fa339df-FRA

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
37 B 35ms
27ms XHR
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-f82219ac7385be35----1708049470410
traceparent: 00-c646cacb77a7fdf42cd82bf18d666cf2-f82219ac7385be35-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiZjgyMjE5YWM3Mzg1YmUzNSIsInRyIjoiYzY0NmNhY2I3N2E3ZmRmNDJjZDgyYmYxOGQ2NjZjZjIiLCJ0aSI6MTcwODA0OTQ3MDQxMCwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 856242263fb839df-FRA

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 40 B
462 B 51ms
22ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=2708&ck=0&s=701f11e9a70ff6ae&ref=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos&hr=0&tt=058cc4bcaf95c03e&af=err,xhr,stn,ins,spa&ap=172.823689&be=1067&fe=1602&dc=289&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708049467738,%22n%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:7,%22ce%22:17,%22rq%22:17,%22rp%22:1068,%22rpe%22:1071,%22di%22:1226,%22ds%22:1356,%22de%22:1356,%22dc%22:2667,%22l%22:2667,%22le%22:2669%7D,%22navigation%22:%7B%7D%7D&fp=1211&fcp=1781
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 9c303a7ebd62689d3a1867f70cc6bdc12eb7700fac4acbf891f14b79fc872459

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230080-FRA

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 16 Feb 2024 02:11:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 942D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19841
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Feb 2024 20:40:29 GMT
expires: Fri, 14 Feb 2025 20:40:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D3B2 829 B
1 KB 16ms
15ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

85a5a028efbcbb4dd50fb0aca51e0dbc60f3bed7638c88331569e31c60c3f0d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-EZa5rp1vMT8v3SPNKibcyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-EZa5rp1vMT8v3SPNKibcyw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 16 Feb 2024 02:11:10 GMT
expires: Fri, 16 Feb 2024 02:11:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame 942D 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Thu, 15 Feb 2024 18:04:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29196
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Feb 2025 18:04:34 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D3B2 0
0 40ms
38ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402120101&jk=3762642042075214&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/resources/1/ 36 B
359 B 18ms
18ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/resources/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=2820&ck=0&s=701f11e9a70ff6ae&ref=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos&st=1708049467738&hr=0&fts=1708049467738&n=26&fsh=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e2276d38dc3d70bc2e80598f636064fcc8e062cea85b8ce0d3038c1d23c932f8

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 36
x-served-by: cache-fra-eddf8230080-FRA

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/events/1/ 24 B
346 B 13ms
12ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=2846&ck=0&s=701f11e9a70ff6ae&ref=https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos&ptid=7094d4fe-0001-b15a-412d-018dafae946a&hr=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230080-FRA

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 942D 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?6TnH2g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Fri, 16 Feb 2024 02:11:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E10F 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRtCFIdJlreRc1WyI82SzzK8T3oFwHbOCNNObfgeENX508XgX1CieO4VFuHezn6wahS9ZWLDOXwi_MFKTjjkoFMSGMCW7EEqmGzPIYdD5EuTPQMLOSJ3x-VE0_ggrme6xYCiQ2GvMZo2PwlVYYBPJORziiWqFPHK8&sig=Cg0ArKJSzBAFKa0ziMDREAE&id=lidar2&mcvt=1000&p=249,436,339,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240213&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=931998314&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=398226900&rst=1708049469589&rpt=243&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 10ms
9ms Image
image/gif 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijYK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&f=0&j=&t=1708049469891&de=208645482072&cu=1708049469891&m=1208&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6268&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1212%3A1781%3A2669%3A1226&as=1&ag=1183&an=16&gi=1&gf=1183&gg=16&ix=1183&ic=1183&ez=1&ck=1183&kw=998&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1183&bx=16&ci=1183&jz=998&dj=1&aa=1&ad=1086&cn=0&gn=1&gk=1086&gl=0&ik=1086&co=1086&cp=998&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=998&cd=32&ah=998&am=32&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&bo=22316126855&bp=23018719412&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1215786154&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Feb 2024 02:11:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402120101&jk=3762642042075214&bg=!ZGelZyjNAAZN4L4YbeA7ADQBe5WfOBC8WnVGiLaE1befDM8fAWzhabl3R8w4S80M1WZZbPqFzPLB663ESh_GKBMY3XyYAgAAAGFSAAAAAmgBB5kC2ORzZU9e7Sx6pubsT4HjF0W19r5w8Dq7U0_TACh70TRFUYCi-U_5XwEfI3dp1Qe3ZCre8wJrYm8MuGjjfdd0FHpVBdoyMfkyx-n1TULO4I-I6nzKmL1qTiLaXZk14i-4GBQGKSIvJZ8aGdGIdTRRMfTpSYwa4Pvsc1kQHqrfHrsdmkEI_Yqfa6mNwyK4QLhZEbaePWHr1rKGNEV6NHZBp0dTH6RJ81B_T7eGsdRnpzi0AXqhQGzmXJCQTacBLQO0yuaDCYUJp3VKnMFbuEDtqVep89iSgXiOY-OSyGP7fYJ_BuGVYE_FMvQcXYAUPGe_8aDQfyYKwdW7RlYANMTYp2_IO8yKubaOXbmMdnB2sPkRKeCdo-QPgyKF_wQjVn8vgk8wz5hUv2b7FoXurHmyzni2Op7LG6kXplCqI3qRPp_PUjZXKpnWF0ha4dMeE3xxkPYaM2jZs-bI3q9pP6AEEA5QBZfKGI1jIFqCp8NPs3rUSlUc66KWDLGYmIy46EPIS1vw5rNmtcCeDiweA1bXDPkueKnJxk_k4aGi-5qQdnFVCqCKWXvy9lN3ze5WGS_tJnpz6uxSGmW53pXGdt6rmgtAhbzvJc0I8tBw-Ikv_r7fM0Q5kW-h08kXZINkYa2bUy0jNIq4nfGdm_mNWjqdsktYW1tmaDPAojPtl-Cl5INUo_0oE5bVUE-_oBf70tAhkND5ebOu3P3oCp0VhgiYT6Cds8mjaAV-o_z0TBi5nc4OXwc03JY-RiUOdEzytQwcSCKglON7-uBSopCVmiFKfr9MLqro3cgC1FfGxxNcNd3oMdVV0B9pMVM7pq3s3vVeIhOQ7m0D_edMCiIYjYjxgW8pn7hbh7AWBdRGamFqeXyi12XO8d231V90sGWEkMNhQZb94uS6Udhpx_Uo5FO_YvCNZEZaJjY656eRWVGtOgaUQnqusb-UMd6MeybeKmXxo_maWsYPHu6k
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 10ms
10ms Image
image/gif 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijYK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&f=0&j=&t=1708049469891&de=208645482072&cu=1708049469891&m=1209&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6268&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1212%3A1781%3A2669%3A1226&as=1&ag=1183&an=1183&gi=1&gf=1183&gg=1183&ix=1183&ic=1183&ez=1&ck=1183&kw=998&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1183&bx=1183&ci=1183&jz=998&dj=1&aa=1&ad=1086&cn=1086&gn=1&gk=1086&gl=1086&ik=1086&co=1086&cp=998&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=998&cd=998&ah=998&am=998&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&bo=22316126855&bp=23018719412&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1706775191&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Feb 2024 02:11:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
251 B 13ms
13ms Image
image/gif 2.18.97.115
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=20&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.I%24%3D!%5DxPm2i3MLgy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ijYK8fJtVWlgP6m3tVv3EhYKQlBk9l%2Bd1Ss78ABRGBCPEpCfxlXpQB8EOC0dEk1CVCWz&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-dg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&id=1&ii=4&f=0&j=&t=1708049469891&de=208645482072&cu=1708049469891&m=1209&ar=805b0ce1b97-clean&iw=24ec2dc&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6268&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1212%3A1781%3A2669%3A1226&as=1&ag=1183&an=1183&gi=1&gf=1183&gg=1183&ix=1183&ic=1183&ez=1&ck=1183&kw=998&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1183&bx=1183&ci=1183&jz=998&dj=1&aa=1&ad=1086&cn=1086&gn=1&gk=1086&gl=1086&ik=1086&co=1086&cp=998&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=998&cd=998&ah=998&am=998&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5101454769%3A3271516292%3A6474078165%3A138462842560&bo=22316126855&bp=23018719412&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=23018719412&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=23018719412&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207009&na=1929571574&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.97.115 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-97-115.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Feb 2024 02:11:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 16 Feb 2024 02:11:11 GMT

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 18:27:31	Name: __cf_bm Value: e.8nyej2XNpZ6R7lJxZUhE_g9_wvKCzP7OXaETb8PfI-1708049468-1.0-AUfY7rIKwW4m9PYs6w6XLCpXneUvfnMTmexZ/nOmI977r9D5gVndPnCr3cV+thHIgDYgHwFbZokhuZYIaRgMIYo=
.darkreading.com/	1970-01-20 20:37:05	Name: _gcl_au Value: 1.1.2107196522.1708049469
.js.ubembed.com/	1970-01-20 18:27:31	Name: __cf_bm Value: Sypmuo2IyIDwYAxqKKqY2Dh2gmfuSaIC.1uJx1lZNI8-1708049469-1.0-AdLhR9LlsWuO8sYu4chJLyqceCI2xGu5HGRebSGZwIc1L0I40NcUIfeSi7C6DtFZEfSY0aSQx1kKk9Fd1TPq3KE=
.darkreading.com/	1970-01-21 04:03:29	Name: _ga_1X1EHQ3PFR Value: GS1.1.1708049469.1.0.1708049469.60.0.0
.darkreading.com/	1970-01-21 04:03:29	Name: _ga Value: GA1.1.464681518.1708049469
.darkreading.com/	1970-01-20 22:46:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Feb+16+2024+03%3A11%3A09+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=452c2fae-a951-4c82-b6f1-1fc7cf1017e2&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fcyberattacks-data-breaches%2Frussian-apt-turla-novel-backdoor-malware-polish-ngos&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-21 03:56:17	Name: _cb Value: BGZTBFhfGJQDzUv53
.darkreading.com/	1970-01-21 03:56:17	Name: _chartbeat2 Value: .1708049469267.1708049469267.1.C8PR4kDA54NwDcq3ueK6ZGHDyXR4V.1
.darkreading.com/	1970-01-20 18:27:31	Name: _cb_svref Value: external
.doubleclick.net/	1970-01-21 03:49:05	Name: IDE Value: AHWqTUmooUlkQIVRDcyN9wrmaAOAw4XGrUKvbPd6quzzQpzR5RtOIL9rjMsPE9-0TBg
.darkreading.com/	1970-01-21 03:49:05	Name: __gads Value: ID=81a256108f80e808:T=1708049469:RT=1708049469:S=ALNI_MZN0Q-1gnQeQtns2mVYmvL9zW1ZtA
.darkreading.com/	1970-01-21 03:49:05	Name: __gpi Value: UID=00000d59398f2439:T=1708049469:RT=1708049469:S=ALNI_MYLEgls-fwOILCQs1ENafERdOhWog
.darkreading.com/	1970-01-20 22:46:41	Name: __eoi Value: ID=5a75902960ccfd19:T=1708049469:RT=1708049469:S=AA-AfjZ41RJtcXCbWfWPTPEPKUdL
.darkreading.com/	1970-01-20 18:27:31	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 04:03:29	Name: _sp_id.94c4 Value: c79eacbd-671b-4871-b5ce-a51c8274321b.1708049470.1.1708049470.1708049470.0842bad4-f293-44bb-80e3-3211a1fe3fb1
.darkreading.com/	1970-01-21 04:03:29	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 04:03:29	Name: _td Value: 38687ba5-402d-452b-8242-0cf0704dc06a
.darkreading.com/	1970-01-21 03:13:05	Name: _hjSessionUser_2610568 Value: eyJpZCI6ImEzZjVlNGQyLTMwZWYtNWUyMS1hODVlLTliMjhkNTQ2MTA4NyIsImNyZWF0ZWQiOjE3MDgwNDk0Njk4ODYsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 18:27:31	Name: _hjSession_2610568 Value: eyJpZCI6Ijk3YWEyMjAwLWZkNTEtNDYyNy1iNWYzLTBhZmI0MmIxNmU1OSIsImMiOjE3MDgwNDk0Njk4ODYsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MX0=
.in.treasuredata.com/	1970-01-21 04:03:29	Name: _td_global Value: e543f6f6-1b7e-42d1-9f03-e5dc8f304b71
www.darkreading.com/	1970-01-20 18:28:55	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1970-01-21 03:13:05	Name: sp Value: d580206e-f5b0-4e92-ab07-723049544d9a

54 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/cyberattacks-data-breaches/russian-apt-turla-novel-backdoor-malware-polish-ngos Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
a26cfd93e4638a5b9f9ac8663f28cafc.safeframe.googlesyndication.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vc.hotjar.io
www.darkreading.com
www.google.com
www.google.de
www.googletagmanager.com
www3.doubleclick.net
z.moatads.com
13.32.27.21
13.32.99.103
141.147.81.223
151.101.2.137
18.196.132.224
18.66.112.19
185.221.87.23
2.18.97.115
2001:4860:4802:32::36
2600:9000:2646:1c00:18:1fcd:353:c61
2606:4700:4400::6812:2089
2606:4700:4400::6812:27b5
2606:4700:4400::ac40:966b
2606:4700::6810:3965
2606:4700::6812:6c2f
2606:4700::6812:6e2f
2606:4700::6812:82ec
2a00:1450:4001:803::200e
2a00:1450:4001:808::2001
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c00::9b
2a03:2880:f084:d:face:b00c:0:3
2a05:d018:94a:8a01:e18d:a0de:5092:6397
34.117.77.79
52.7.198.231
52.71.116.217
65.9.95.105
65.9.95.30
65.9.95.45
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
0263ae4f7e587123e23dd226393d624068f51722610bf0cb53c56c7e1e680ede
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d96f176c4721540b52eb9e25e06284de8eb25552618b9a49e6979c6c9625c2d
0f8aa5e7a5e9ccfec4b7c9f5e45308da58b758b347035a808e42bfea00c222cd
10598dfc7db6a221444bf7238e82deecd9b198357dbc566c740f8f04a2b8ee58
121f37922bf20fc3612db0eac5c4c330e712a33bc1dbd4a99a4d488f3f95a6b5
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a
12e76e4b3ac265bbd5fa3efecd36f7dc104ba2aec70b7379c7b97882b9708b54
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
18938e6d757f068b44e4acbf4ff3d4872b9ccd52bebf32b129425e7f25e179e9
1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7
1cbb2bbe655e579266c5189d67477f39fae190c2884ee3d9407417dbbfa79a5d
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6
21bfb2d122ac2722958b50fd598f92b542decc3f03a268e5bb2a459ef3ec5611
22bf4264f4938886e9417e0a63c52978db7d227da618a1ba0de444cbb56c65ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25bc92b9969888c951c49a12f706534458e014353ee5e21c31da0afcffa2da93
25d5f3492df9d263f017fd19be6831e0a6ff7f75e0d87de32de97d14a6fca858
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2c059b4444529e48871bd433ef02ee97e2f46f0a0182c267f8f0b84b3546475e
2dca58523d95bff5e5b8e4a155d06fc8de61171a9b7cb98cd8170c4b26b0271c
2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15
302bab999b7c7d18c8cb6aada72cf6e09ece8a794b53a3f3f057c30ca6b6e111
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3891b93ecee23b5a101de27a676ad281cb9f7457304da4474864f3ae4fffa3fc
38d9df1d9bcc54b20b5a90614e78a9d938b797ca2a483ed17c12358df4b91f11
38edec2c9f7a356447ee19df7d75bf985c388795b99f1a4ac58ced4fe24526e2
3a7c7d89a7cc321f791e1aa2e947c911c0ea3764e02e84bfb301c1d191ac0fbf
3ed33cbc7e1e4cb00616297a3d9ccbc9734ea52602c5f73b0341c18ba71773f1
4130e2e911a45999c37b0d6c2580fbe4ead140cacebc975633ae9fc1c4ff0bff
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
50177ac3c42d7ada1970bf25406b64c02b5ccf8d6584442c6f9af8cea33130b7
507f2e10187171421736f0cba83a57f6e40be91282e53d119aaa6ef8aa78e7f5
54ece1590fb3a1c1b80cf6e3c6dc149ccfd2001e1888b5f99bdb36e701dd4a78
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
58492c25443d26194f9139174ec0897138e098653d0c08a9b68198fc653bff2b
59175fd22cdb07b78a5fbbe397903f08c7e01b7cdec69a927e5782f3341fead5
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5f0fc9b345ef02fd5ea97e5f6203ce9e793afe414c8e3c52f84de4df176593f7
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e
688920dcf3bc915f06fdb081e29e9c2b6fbb0ea6727fe5be74f33db0e2c0ad6b
6d940418b991ed853e26755a4efdfa1f98ab3612f005faa8480e9a195e435ded
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d
72974388b63358434fe886e35399d6ffc7171f812cdac3b32f73b06f66520a60
768e3560f3716fcaf180e99f67c8c34074d3bbccfa668a4f33b7378d5c76f6f4
76fe72e535b7964a7bcf83c0025cb9088e1c7b9c8acc3b53555e024c9c86d973
77f6b55cfd1440472c8a84c8f8814291f8ae57e64f9af315a37215cf0877ce87
7b3aefbfdba6dd23d150e9b435e10344cd7870759930913fdffabe3491ffae15
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7c10af7dd98642da92c1c85587b877489a8545fb5e500c758820a33b312be8bc
7e8e7c745705088218af1323473a4cf43d7e2adcf5106fecc16205da6c0d475a
7ed789f6a4003ddf15eb02f1fc7e0ef1a9462ac6afa9784bdd000678c83e03dc
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde
8553234c07a57dbbdd0d15bbeaf2731ec066399ec4dc1199beac5624ba46d8fc
85a5a028efbcbb4dd50fb0aca51e0dbc60f3bed7638c88331569e31c60c3f0d8
865d9951a1e25239bce2dc6be920c66202664485388609c10634c59cecd53f32
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
86e55d09ac7f9e31d76aae3602f9bf72e1928e2925858104c942ed486a0c5219
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
8eda42e59ee9cdb2e0430f8e4cd23f6c9afaaf33b08f1dc0f5ef747ee80efd93
8f4eab23614eb9e9f57d83487f7b4b911bdd11b2ccf621d159a60c4d0f2c6991
90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83
93b04b3312ba8f544f1590d50d4ce790bf1363e77d98d2bfb39e8babc6c5b922
97aeeacf485a26aa10526f039539de4f6bab1206e6161f9a00d23ad72e4ac56d
98427af2c5ab02eff6e10aafa56c4a0b6d3edb93714a4967c985cc3237892fc9
9a3ab01e991871cac8246aeb1cdf4e8a2645ccbf1fbda6cf42cd49ad48208533
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9bf98d65fa1348fad3cfbc8ea72bbe92e824ee20db77698f9963cd907b971563
9c303a7ebd62689d3a1867f70cc6bdc12eb7700fac4acbf891f14b79fc872459
9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a166dbfc080b495a9340baf7445f40766967d6bc466b03dc698604e0ec8f273e
a19870238293093036cc85b867f2a423bcf9cacac85c94261f264ef87c54d30c
a2edf5c54d5168cfd216ba16af186bd1d0d8ea214aafd58f45cb357b7ee8f094
a3bf582e15a712c2602bcc7d9bffd24083d655fcf09ce3d8acac0decff12e1dd
a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27
a5136e9b239424a642b64d795c1ae14fec3ec586734cac2f611ba4426f75e308
a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944
a799538838e93da2aa7676f20283ff32e183286516bbf84ea6f0109ea8a3bdae
a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1
ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
b295a76a041cde3ad94add2a5e3721d2e47a1f8c39252f08ec4157b953b1f7ff
b2fe03efc1e879c2c5bd27bf86f71ad3790b0d6765498480f4c8071fa7f59051
b595a3cd89c98c27258f2394036bba044c7b1da8a12aed5eb913b8b9d5f761f6
b7870d76c8c46ecf4461dd5d69eb4930cef535da64159a2322227564709a6dcc
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
ba51ec532de02c85663d720b1a02882f6b76f89ac66574e6f68439b5ae10f88b
bb03f47be374b1eeced807c368c4015291dfa617c580ee1320b4c45add40d4ae
bedfcca8db64f1ffd34dcaa513b726426baf81a96c3e2f6eef87a09aa52ffff0
c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13
c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428
c37ae7b69b1fa446ea0bfba3234165caae7f47ac894cb6415470da07cec5c269
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c77cde240865b6409218f927cd88ff158b78ae943f0899b0db4da5cf55c95c80
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
c9bb7f688260060d6a3797dbdf9ef3a791a35428a463b9eba7b9a4c12a2701a4
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7d2763df5141a292d5554796dab9a8d365265bd3cd00b756bc372b2a9c1b1b
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d159b75b62bca051e421e5474df91988775bf4246c76c931804bac518042ce90
d25bfb89191e6eb128ff9a06b9b53fa46b5ed3b95e04ba0a3b17ebab556f1c3a
da4f87cb9b6f75f2b0c42fd9be6e3fc8cb1a0b2c5d1a3cd88ced03f59bfbaf1e
daa5dcd0acdb87789fd61b499d0a7949a0ae68943dd19ce14eab899846bc3920
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e1603deb2ef986a9d2da127022d8a03a5357c542a9ac9ee85fd41d8505492551
e1f79489478c709cde7403767fdbe1e1a5e92f00758bbe2503fa56947f765f02
e2276d38dc3d70bc2e80598f636064fcc8e062cea85b8ce0d3038c1d23c932f8
e2b7009bd59dd919249cfe29dbf22131203baacc295b175daf5c850c9e4ee7d8
e31c10efdc6f9ab7c1e76851bb911c1a826c676e72ce705ed484986215ac4308
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff
eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9
ed38b48da0789fdc73296f6b06a9e1617c4b59cf1ae849fda0004a7a22414816
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
eea02350a885ad78757a2ce5b1cf0a6ef85f2ae5efc8b20d18c4dcc7ecbc95d6
eee4e357cd42e07f8cc61bcb7104f453fd180c16a8a90fcbf71a9842cbac29ce
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2645e554797a578477d38fceb78d8554e21092c5496c2fd15b6fd93d34f8b5c
f852c8647f4f12c9b4136fb514f492cfb6cea46e8fd808be776931d3ae9cf76a
f87e8135dd37ac5bdce2e3adc6442ef92f14606802a54a8cd82e73f97a19b44b
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fd39a968fa9534bf4c70e2247105e37cb8b62d6a6bd516ed60edff5a25bb93ee

www.darkreading.com Open in urlscan Pro 2606:4700::6812:6e2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

183 Requests

99 %HTTPS

62 %IPv6

26 Domains

39 Subdomains

37 IPs

5 Countries

2892 kBTransfer

9013 kBSize

22 Cookies

28 Outgoing links

Redirected requests

183 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Screenshot
Live screenshot

Full Image

183
Requests

99 %
HTTPS

62 %
IPv6

26
Domains

39
Subdomains

37
IPs

5
Countries

2892 kB
Transfer

9013 kB
Size

22
Cookies

183 HTTP transactions
3 data transactions