www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Submission: On May 03 via api (May 3rd 2023, 2:10:13 am UTC) from TR — Scanned from DE

Summary HTTP 246 Redirects Links 47 Behaviour Indicators

Summary

This website contacted 53 IPs in 6 countries across 36 domains to perform 246 HTTP transactions. The main IP is 2606:4700::6811:7863, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 221587.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700::68... 2606:4700::6811:7863	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 28	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
10	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9062	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
5	13.32.99.33 13.32.99.33	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	151.101.1.131 151.101.1.131	54113 (FASTLY) (FASTLY)
1	23.37.51.81 23.37.51.81	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.16 13.32.99.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:6200:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.119 108.138.17.119	16509 (AMAZON-02) (AMAZON-02)
1	107.23.141.241 107.23.141.241	14618 (AMAZON-AES) (AMAZON-AES)
1	52.222.236.122 52.222.236.122	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.210.101 185.89.210.101	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.220.216.226 3.220.216.226	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:7763	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.69.12.150 3.69.12.150	16509 (AMAZON-02) (AMAZON-02)
1 2	142.0.173.15 142.0.173.15	7160 (NETDYNAMICS) (NETDYNAMICS)
5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	34.249.239.219 34.249.239.219	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
11	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
3	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
29	2.19.229.113 2.19.229.113	16625 (AKAMAI-AS) (AKAMAI-AS)
11	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	54.224.217.157 54.224.217.157	14618 (AMAZON-AES) (AMAZON-AES)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	79.125.102.197 79.125.102.197	16509 (AMAZON-02) (AMAZON-02)
1	3.214.24.142 3.214.24.142	14618 (AMAZON-AES) (AMAZON-AES)
2	2.19.229.28 2.19.229.28	16625 (AKAMAI-AS) (AKAMAI-AS)
34	18.66.112.43 18.66.112.43	16509 (AMAZON-02) (AMAZON-02)
3	35.170.120.67 35.170.120.67	() ()
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	() ()
246	53

36 2606:4700::6811:7863 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9062 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-33.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.51.81 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-51-81.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-16.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6200:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-119.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.23.141.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-141-241.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-122.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.101 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.220.216.226 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-216-226.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7763 (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.69.12.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-12-150.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.15 (Toronto, Canada) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.239.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-239-219.eu-west-1.compute.amazonaws.com

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2.19.229.113 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-113.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.224.217.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-217-157.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.125.102.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-102-197.eu-west-1.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.24.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-24-142.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.229.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-229-28.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 18.66.112.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-43.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.170.120.67 (None, )

ASN- ()

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (None, )

ASN- ()

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	darkreading.com 2 redirects www.darkreading.com — Cisco Umbrella Rank: 221587 beta.darkreading.com — Cisco Umbrella Rank: 784324 c.darkreading.com trk.darkreading.com	971 KB
38	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4536 cache-ssl.celtra.com — Cisco Umbrella Rank: 5405 track.celtra.com	1 MB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 166 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	227 KB
30	moatads.com z.moatads.com — Cisco Umbrella Rank: 681 geo.moatads.com — Cisco Umbrella Rank: 1045 px.moatads.com — Cisco Umbrella Rank: 712	675 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 177	488 KB
11	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 776	34 KB
10	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 48304	60 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 615	289 KB
7	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2930 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 130	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	294 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1617 t.teads.tv — Cisco Umbrella Rank: 2876	132 KB
5	informa.com static.iris.informa.com — Cisco Umbrella Rank: 118615	32 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 2828 in.ml314.com — Cisco Umbrella Rank: 13905	12 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3425 adservice.google.de — Cisco Umbrella Rank: 5261	1 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 16951 eu01.in.treasuredata.com — Cisco Umbrella Rank: 44582	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	21 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 60868 a.dpmsrv.com — Cisco Umbrella Rank: 51867	64 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 319	3 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 899 script.hotjar.com — Cisco Umbrella Rank: 1171	74 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 87	64 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 892138 assets.ubembed.com — Cisco Umbrella Rank: 17267	48 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	154 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 997	56 KB
1	twimg.com pbs.twimg.com	2 KB
1	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 10650	452 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 621	98 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 503778	814 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1521	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 2090	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 10015	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1312	48 KB
1	gstatic.com fonts.gstatic.com	20 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 882	312 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1274	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3240	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 344	7 KB
246	36

	Domain	Requested by
34	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
28	securepubads.g.doubleclick.net	1 redirects www.darkreading.com www.googletagservices.com
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
23	px.moatads.com
11	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
11	js-agent.newrelic.com	www.darkreading.com
10	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com
7	pagead2.googlesyndication.com	www.darkreading.com tpc.googlesyndication.com www.googletagservices.com
7	www.darkreading.com	1 redirects www.darkreading.com
6	z.moatads.com	securepubads.g.doubleclick.net
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	www.google.com	www.darkreading.com securepubads.g.doubleclick.net
5	static.iris.informa.com	www.darkreading.com
3	track.celtra.com
3	a.teads.tv	securepubads.g.doubleclick.net www.darkreading.com
3	www.google-analytics.com	www.darkreading.com
2	t.teads.tv
2	ml314.com	z.moatads.com ml314.com
2	cm.g.doubleclick.net	2 redirects
2	trk.darkreading.com	1 redirects www.darkreading.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	www.darkreading.com
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.darkreading.com
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	www.youtube.com	www.darkreading.com
2	www.googletagmanager.com	www.darkreading.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	pbs.twimg.com
1	in.ml314.com	ml314.com
1	geo.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	bam.eu01.nr-data.net	www.darkreading.com
1	e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com	www.darkreading.com
1	adservice.google.com	www.darkreading.com
1	adservice.google.de	www.darkreading.com
1	idsync.rlcdn.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	www.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	cdn.treasuredata.com	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	www.googleoptimize.com	www.darkreading.com
1	fonts.gstatic.com	www.darkreading.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
246	56

This site contains links to these domains. Also see Links.

Domain
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
messages.blackhat.com
www.trendmicro.com
github.com
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2022-08-02` - `2023-07-22`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-02-23` - `2023-09-01`	6 months	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-10-09` - `2023-11-10`	a year	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-17` - `2023-07-18`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-02-21` - `2023-09-16`	7 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-02-13` - `2023-07-23`	5 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-09-01`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-17` - `2023-07-10`	3 months	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
ml314.com GTS CA 1D4	`2023-04-09` - `2023-07-08`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Frame ID: 9479047CF4406AC865763625C0D3004E
Requests: 159 HTTP requests in this frame

Frame: https://e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FAEFEC01BD032409DA134968FCF9E780
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFuXy3F1gsjEtkg4rya91SzlGnGOFOueCAKUqHhYUImM40g3NOL42SM-IIVIxN61SVdHW4L4ByUnGotI0rTNeIlRV8PMF4KgN83Z0vnIOBIBSN9zhAt8oV1DnpsnDYn7NXbq9U11GfcucKuo2pHGM8qC9rfn7KVcUNu4W43vgcvObWKZfVQyDFgiQV4RdRNslbq6K04980yU0BLvCaTM8k1TAKaOmUYr6156jZ8drqCnYwmc9FBMe_CRfJneTRJcjqt5URX-2Y6ijgI-RVng9QMNVI65ADCCp-w2VKmmffxdCrVKU4LaUXDYrHEVdBzcJpOFlOZmH5KXy9MlybJxvCBHG0t_Hwz0c1DsR8to2iDvb2tw&sai=AMfl-YSBHRZUyoM6cwablBg24gvyXHVR_EW7FtNPivu6cSqZVUP3fWkQE8pvsZ2R3ujoCpV76ZmnA7ZbP1tYbcL22YjnNU4G4AouZTARaQpaIGWO92KZ0KcqL7QC3_Sm2g&sig=Cg0ArKJSzEB3a1F-1q4BEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0EADCC0CFB9C5AE229E3ACCE2C3AC31F
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssebKNz7RzBTpCMyqGKwFY1U0f2jzZ4X80OhQHeK4ZlP6lLrvZzAw5sO9wtUei0O-EvKoRCGrpYKLf2zltsCXkq2fE2UDoEhhwLNdzr-ZUiV54SE08-LjLTAUK-KzrGOe5kFRIWDDf6U08dQWJhaIwQEHh2D67TjfVipPWEy_nxeVy1IUIrFoss4v-hD6kObFhp-COwrWgcF687oX1lRNqZ-mo4c2w2pLTYK7Pb1986Rt5jlxQytw4c0XCQRSQCO6igt-PVjC-a4HysK5qCv0cQwZ7IgH0zn5ErLFTpKuHIxOp7aWIKBM-aafQt6KaRhxloCBlV5M6iPO10OTunsXI5U-fjRaWDeeGb0kCcp5XuYvn0IvP8JHE1IeZT_lAOnoJlqxy9ncwRNbgR&sai=AMfl-YSO5LoDTbh0e_K_FPzyQ6kQGJjYmWamL2KKJ-PAlJR504i5fT1I2Qh4KziBc_gnpxabw6hWH80SJ2RpGJIP9PNFHkDyzYLDEj9a_LSH4SZvOmO6-dNbDi-Flw3TQQ&sig=Cg0ArKJSzCvwOJ83dphWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 0D0D95E7463F2A0C5928F1FBBA6E0E87
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4Ps71kZpSBCwqGfpVlr_jwXHgC_Jeeq7w0lNNMcaWPpK4_n3ryYdSL0bSficPFB3URr9VhkFOVDdeLejDERZtHyiWT38-EZLGRFrdAZSfZalC3Vuo-T77kq_RrztpWJHygM7MSI56cTTsg_uJ_y8d__ny8jLM08v398v6nTXl9wLfq-RXCDAQPYfm5G-uyszxjUS16v9O224UEzNUWHvo6C0hIZGh-FbieW8R6yHIKlMYdLGZi08Ef2VvJqRGLm2FrozUv8ZOjm4NOb6o8_Z2egdQPC8boh7kJ3e6mSDQVfP3G-yx3v4F1VgzXJSmNSG7xXe5XPH3G3HV92cHqOb5mandHU0Cbjab_2VjryRpowi6Mi5dtx4&sai=AMfl-YS7cEcY9jlB9IecTFsw2jh58MoM4ZUPBQ7dE0boc0JPPT0bAddOHRt699VaID5nWZCN93IIkxgDEgHcJNlkQ53RyUamht3EVjpIn0XXVJbWLA8O2jnEG-VrBNE8ygA&sig=Cg0ArKJSzLO3wpGZWQS7EAE&uach_m=[UACH]&adurl=
Frame ID: B87B6D4747447E27326C5327847CBABC
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDRZCm2j5Sg0lPEy2-OVenoejsMeklQn0Rq7q4F2qnMKTuaovyiaTWP886tZa6M1iYXfOg2mt_Uha32ewCiqERZuRYbxAq398nXUV5UeiYOhx8YoYIq9V531YbXeg7V2Dh5MndYHxhXRvLJiDNg0aCKWTPwn10sUfvavm3Yu4n9gjSWHHSoM41kw-FUg6u9AD2a6VrFwlt6UTBfpWYWDQX8ZQ8Opttg_F85SBG6P3GiZswJDGi6GtMD6pZxT5sQU0JpDddY-1RBdpwJzJCX6CvF0xjeaqSmDq7V20Hc_ZQToc7EqYYXdSnlB2nYiFiMnYkV7dvY6Jf6lJ-c4L_kbiRga0FnVPhNblNHEc7xTxIsWVb-JRwMQ0&sai=AMfl-YQdeq6rlqpWuFdOGxmPsjyUe29ir9av1Gkcg-GzivjxLTyyXLfhuIWxxQI_pRHUS6WwxleYhgR81tJeHy4xnZShJGBLYFGBL_vfdSgkxyfS9oYisD9TMizN9CQ13w&sig=Cg0ArKJSzGJ2f5hsazU9EAE&uach_m=[UACH]&adurl=
Frame ID: 3BB197BDEE089ACDE7557E2704D55A33
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ8CyIN5dzRArTjBZhQVl7AeeY5nZHSXNXoaHMT_Nq1imDt8YqOxmsUy3VMqOD5bOrUDyri8GiZqxVRzx4TE1SoSr4XuqKFqzCeAp2kYA6NBKQ1QaPuJqSg-8tIrrU5kWH8FHk0LJ1chLjwrFBwDeK32wEcLMe2bZlBgqazY5pvB18xvZ__bsE361Zv0e0BE5ZZ6dhOwhCkCeLe5W6xSYqGCLPa45pZ8TNSmxcVfjVL9XnMYGGwm1PpqtI3RzEwt-1HMTC4FS-NUeR_0WHTJqAvNJWu_2JksW2kumxwuP59uEHj7mDzKmWQwyLt-OXZbWwSt4egf0UiEpov0h_jrrXBmsBUQK0KAReAhIt0PLp60LNqUDhc0Q&sai=AMfl-YRL-dfriWVbjGCgaxIfGsfnJ1As7rRC7pba2N1M6Ifh6QoBAqYqGh1Bq25FnyxensGs_E4WFk8YQph5A9Y0KLIjTq_AJBNZcXp5cUFIqzkId63M6YTFmvXIl2WnrNE&sig=Cg0ArKJSzJ6GSmKPbbyPEAE&uach_m=[UACH]&adurl=
Frame ID: 8A0FEA980363BAABEACCA2C318F7D24E
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLHZ2Z2zbi_JHhUkkbp4HnSwxHJd0oUGS184V6_olb2YG38weuAcoz29wVniT3YgwO7zg46P3L29xxqhbd_rmDblvgD1fG7PE5PxOBpJnGhZXFNHmxPrygY-55dSjVy6OQMzFyS-KDamsg563pJKc5HaOT1H2uoZvkNh1tYK2z3lPhEGqqppdUqjDlDbZ6O5N0NRvWYmA2Z2cC7EWJVksFovsdRc9i0ql8AnWX069N6eebgsiu40bIHWZ0TcgzggTGvPjsZu2n_bxd7BuCFPss3VhgMb864W_9VkjufWsCAsQ8MBBuRttq0ejUPy1FISxF8RXtG1x1H7IaxN1J5tUoK05tpdhcBrVlsI71f1TpABcGw9I_BsGaqYM&sai=AMfl-YQD5To6IPNOGK0GgfeuNLTOabZVF0vHtzZb8mUvHyaV96E52NHvJxvYOvWnvgZ5uy5OGiVJUql9pqR5fhV18RAcFkKEC58PBHyVItWo1qr8WvPCNzNZHgmp3T7ALNM&sig=Cg0ArKJSzCjMuN5vQ3BqEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B20BDA4AD15D8BF3F2AAF0AF5055267E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBtadVzz-Rcu3t9W7GglnZhzfQE78wtpdTuWZZdS4m47aTsOqsBz1Tp0LhrzwIJHF2LC2xpA-FDyERWVo2jA8aKI8M0UjsYlJLOaTxIJSvbYVSwZu2Kh7FI4PNoypBqdMTOlcIWgzjRmJhz4vrd7iu35LOumFNOPlYHgEDiR7Ckk3TKZHXuHduqv3HmhRhrkPXD90N616WGJILbqgJ7rUHoqh1wwC99CpZTfFDd5yhLYx2fXT41E9riUw6O57Bz-_EtfVKoUxeI4jRk6M9WIyRUkeTFEDEDygxpZJOO2yTgFoQqvtcJy549ghSpBcipkTwM1uzN0iB-mr8VwDKc479os6u8w6Sf1sAfSU43vMuGQC7LMekyfY&sai=AMfl-YTF6XjK9q1njLjRSGx1xuIPkrSu4LuC2KW36SJGi47c4VXWUx1PZr-bXEjO4s4HnJly8UcEDvw3LaKnMOPgm_z959uBjBh1L5r6duv14dbQc8P4eQ-UvrMiv9mL2wQ&sig=Cg0ArKJSzLHucJpXjSuiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 295BD81FF38B7A1412626E0C25A8D957
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6489CA309B4F33EB3A962D17AC2D1DA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BA400A335AA35C98AD17598338172A9B
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Open+Sans:700/3_webfont.woff2?subset=BRTcegilorstuw
Frame ID: A2BE93F8708E9C23EB4ADF84EEDF10F4
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

APT41 Subgroup Plows Through Asia-Pacific, Utilizing Layered Stealth TacticsCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

246
Requests

98 %
HTTPS

48 %
IPv6

36
Domains

56
Subdomains

53
IPs

6
Countries

5109 kB
Transfer

12710 kB
Size

39
Cookies

47 Outgoing links

These are links going to different origins than the main page.

URL: https://ve.informaengage.com/virtual-events/dr-anatomy-of-a-data-breach-and-what-to-do-if-it-happens-to-you/?kcode=sbx&cid=smartbox_techweb_session_16.500296&_mc=smartbox_techweb_session_16.500296
Title: Anatomy of a Data Breach - A Dark Reading June 22 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500287&_mc=smartbox_techweb_session_16.500287
Title: Black Hat USA - August 5-10 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_sysf05&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001290&_mc=smartbox_techweb_upcoming_webinars_8.500001290
Title: What's "CNAPP-ening"? Bring Your Cloud Security into Focus!

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_knoc89&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001291&_mc=smartbox_techweb_upcoming_webinars_8.500001291
Title: Artificial Intelligence, ChatGPT and Cybersecurity: A Match Made in Heaven or a Hack Waiting to Happen?

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: White Papers >

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper
Title: Tech Library >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf45&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4076&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/en_us/research/23/e/attack-on-security-titans-earth-longzhi-returns-with-new-tricks.html
Title: details of a new campaign

Search URL Search Domain Scan URL

URL: https://github.com/rebeyond/Behinder
Title: Behinder Web shell

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj39&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005381&_mc=smartbox_techweb_whitepaper_14.500005381
Title: ESG Report: Automated Application Security Testing for Faster Development

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_invj40&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005380&_mc=smartbox_techweb_whitepaper_14.500005380
Title: Welcome to Modern Web App Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa4088&ch=sbx&cid=smartbox_techweb_analytics_7.300005984&_mc=smartbox_techweb_analytics_7.300005984
Title: Successfully Managing Identity in Modern Cloud and Hybrid Environments

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3977&ch=sbx&cid=smartbox_techweb_analytics_7.300005981&_mc=smartbox_techweb_analytics_7.300005981
Title: The 10 Most Impactful Types of Vulnerabilities for Enterprises Today

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_dark59&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001292&_mc=smartbox_techweb_upcoming_webinars_8.500001292
Title: Unleashing AI to Assess Cybersecurity Risk

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_autp21&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001285&_mc=smartbox_techweb_upcoming_webinars_8.500001285
Title: Puzzled by Patching: Solve Endpoint Pains

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo192&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001294&_mc=smartbox_techweb_upcoming_webinars_8.500001294
Title: Building the SOC of the Future: Next-Gen Security Operations

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3940&ch=sbx&cid=smartbox_techweb_analytics_7.300005980&_mc=smartbox_techweb_analytics_7.300005980
Title: Shoring Up the Software Supply Chain Across Enterprise Applications

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973
Title: The Promise and Reality of Cloud Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa3521&ch=sbx&cid=smartbox_techweb_analytics_7.300005970&_mc=smartbox_techweb_analytics_7.300005970
Title: 10 Hot Talks From Black Hat USA 2022

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa4023&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005374&_mc=smartbox_techweb_whitepaper_14.500005374
Title: Cybersecurity Maturity Model Certification (CMMC) Version 1.02

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza04&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005363&_mc=smartbox_techweb_whitepaper_14.500005363
Title: The Cloud Security Workflow Handbook

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza03&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005362&_mc=smartbox_techweb_whitepaper_14.500005362
Title: 2023 Cloud Threat Report

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/?cid=smartbox_techweb_session_16.500286&_mc=smartbox_techweb_session_16.500286
Title: Black Hat Asia - May 9-12 - Learn More

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssvJONVdMRuG83lIHGjngBuhrwbEZ5O3-zhH6hj2QLjMZxpLcyBwq6QbxwT1EnQ4ESaz3IxzhO8XtzZ2piaWZKI9X5kugwSTT7U3QvbQL7pDaEXwxPPSt3dmR7-XuT_edjVKJIL5WnmWjtvPsjwkhIkEL4eVeYmF-drlEGKbHt5XPwjKEbsEW6FMcC4kkD_x610YHtRMOKT4E-LUCpE_WuyhowpWZ3mlmzc_FW6HIKrpRaXFqV61FeOpKhjR2wk4VLnVFWfQyKAunVZ39rPYpXVDCULxLGQhRoOBCXHwEFkZEs1LNYMONCJ6uMQsH9D5bwOwqyG6qtsojLOeqOpx6liNjbFfHC2ChKkWKALEEXVEM6L5GE&sai=AMfl-YTw5GFlC63KRRZWqKdR0czs3ooDTc3O8ufd28b6G2cLavAuz8R4o-8GoM1FG37UrPsXsBhAYI4YePY7DDeswpX6BZf-WV_0bvG56h6Au62G5mCAG4DlSwBGC-HW4u0&sig=Cg0ArKJSzFM4zSgk2QQWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.extrahop.com/company/blog/2023/detecting-cobalt-strike-with-extrahop-reveal-x/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D329057%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fvulnerabilities-threats%252Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D329057%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fvulnerabilities-threats%25252Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=8173631857864348275&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=329057&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Request Chain 91

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ref2=elqNone&tzo=0&ms=916&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ref2=elqNone&tzo=0&ms=916&optin=disabled&elq1pcGUID=BFBC314441A441668F2E290BF9EA2E80

Request Chain 96

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8173631857864348275&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=8173631857864348275&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8173631857864348275&pixelIndex=0&google_gid=CAESEFbQ0p3eYnFQuuk-7sa-wTw&google_cver=1

Request Chain 134

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssebKNz7RzBTpCMyqGKwFY1U0f2jzZ4X80OhQHeK4ZlP6lLrvZzAw5sO9wtUei0O-EvKoRCGrpYKLf2zltsCXkq2fE2UDoEhhwLNdzr-ZUiV54SE08-LjLTAUK-KzrGOe5kFRIWDDf6U08dQWJhaIwQEHh2D67TjfVipPWEy_nxeVy1IUIrFoss4v-hD6kObFhp-COwrWgcF687oX1lRNqZ-mo4c2w2pLTYK7Pb1986Rt5jlxQytw4c0XCQRSQCO6igt-PVjC-a4HysK5qCv0cQwZ7IgH0zn5ErLFTpKuHIxOp7aWIKBM-aafQt6KaRhxloCBlV5M6iPO10OTunsXI5U-fjRaWDeeGb0kCcp5XuYvn0IvP8JHE1IeZT_lAOnoJlqxy9ncwRNbgR&sai=AMfl-YSO5LoDTbh0e_K_FPzyQ6kQGJjYmWamL2KKJ-PAlJR504i5fT1I2Qh4KziBc_gnpxabw6hWH80SJ2RpGJIP9PNFHkDyzYLDEj9a_LSH4SZvOmO6-dNbDi-Flw3TQQ&sig=Cg0ArKJSzCvwOJ83dphWEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/simgad/12011975891451782022? HTTP 302
https://tpc.googlesyndication.com/simgad/12011975891451782022

Request Chain 190

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

246 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics Show response
www.darkreading.com/vulnerabilities-threats/ 487 KB
76 KB 488ms
462ms Document
text/html 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41ef81d6f571298e0209e804b325b90b9ae06f8cbfe65f942536552e496caceb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7c14f736cf3c1917-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 03 May 2023 02:10:06 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 72ms
26ms Script
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /FIp/4zYapfYlY6Lvx04NA==
age: 19683
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73a1c05bbfe-FRA
expires: Thu, 04 May 2023 02:10:07 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 69ms
24ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: rpnZu/dYNZPLIh9pLOSMrg==
age: 22225
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6757
x-ms-lease-status: unlocked
last-modified: Tue, 02 May 2023 02:12:13 GMT
server: cloudflare
etag: 0x8DB4AB2A524751F
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f1d3cdb4-c01e-014f-4c2b-7d5aab000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73a1c08bbfe-FRA

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ad_utils/ 24 B
201 B 123ms
112ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"18-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7c14f739d92f1917-FRA
content-length: 24
expires: Wed, 03 May 2023 04:10:07 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 162ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8b05c68229751e6975553a4f9000ed8abd9c1a4e7aa4e56f4ef3eaf375265a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24841
x-xss-protection: 0
server: cafe
etag: 418 / 19480 / m202304270101 / config-hash: 14990455208619021522
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:07 GMT

GET
H2 200 4d90ad636859e6d5.css
beta.darkreading.com/_next/static/css/ 410 KB
60 KB 34ms
23ms Stylesheet
text/css 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 4114379
etag: W/"66670-186ea17be30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f739d92e1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 webpack-3ce7f1753013b3ec.js Show response
beta.darkreading.com/_next/static/chunks/ 4 KB
2 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-3ce7f1753013b3ec.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 4114379
etag: W/"ef3-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73a99a11917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 26ms
24ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"1fec8-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aa9d41917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
beta.darkreading.com/_next/static/chunks/ 111 KB
30 KB 22ms
19ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"1bd10-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aa9d71917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 _app-dbedff49d537494d.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 497 KB
158 KB 37ms
34ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-dbedff49d537494d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 16 Mar 2023 11:04:30 GMT
server: cloudflare
age: 4114379
etag: W/"7c38f-186ea17be30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aa9d81917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
beta.darkreading.com/_next/static/chunks/ 269 KB
80 KB 29ms
26ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"43344-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aa9d91917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
19 KB 23ms
21ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 7849072
etag: W/"11e1b-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aa9da1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
beta.darkreading.com/_next/static/chunks/ 49 KB
17 KB 17ms
17ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"c216-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73ac9e71917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 17ms
16ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"1eec-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73ac9ee1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
beta.darkreading.com/_next/static/chunks/ 91 KB
29 KB 23ms
23ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"16df9-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73ac9ef1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
beta.darkreading.com/_next/static/chunks/ 179 KB
52 KB 29ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"2cbc2-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73ad9f41917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
beta.darkreading.com/_next/static/chunks/ 18 KB
7 KB 26ms
26ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
cf-polished: origSize=18434
etag: W/"4802-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73ad9fa1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 19ms
16ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"1ad3-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aea011917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
beta.darkreading.com/_next/static/chunks/ 115 KB
28 KB 19ms
19ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 7849071
cf-polished: origSize=117839
etag: W/"1cc4f-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73aea031917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 21ms
21ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468809
etag: W/"20a76-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73afa0f1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
beta.darkreading.com/_next/static/chunks/ 135 KB
43 KB 27ms
26ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 7849070
etag: W/"21d94-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b0a1d1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 244-ff3831dc21292b31.js Show response
beta.darkreading.com/_next/static/chunks/ 53 KB
14 KB 30ms
29ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/244-ff3831dc21292b31.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 463814
etag: W/"d4e2-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b0a1f1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 497-8d7ba2757a8dafee.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 28ms
27ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/497-8d7ba2757a8dafee.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 02 Mar 2023 12:10:22 GMT
server: cloudflare
age: 5320088
etag: W/"443d-186a23b03b0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b0a201917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
beta.darkreading.com/_next/static/chunks/ 14 KB
3 KB 28ms
28ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 15:49:04 GMT
server: cloudflare
age: 468808
etag: W/"399e-187c3675d80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b0a211917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 424-e8fa1fe0f531e88a.js Show response
beta.darkreading.com/_next/static/chunks/ 80 KB
15 KB 28ms
26ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/424-e8fa1fe0f531e88a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 463814
etag: W/"141ac-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b0a251917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 %5BhybidPage%5D-f6822043d08df330.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
11 KB 25ms
24ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-f6822043d08df330.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 110215
etag: W/"93f1-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b1a2b1917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 3 KB
1 KB 17ms
16ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:01:57 GMT
server: cloudflare
age: 463814
etag: W/"c10-187c3aa1788"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b3a441917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 91 B
137 B 23ms
21ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 463814
etag: W/"5b-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b3a461917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 _middlewareManifest.js Show response
beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/ 92 B
149 B 19ms
17ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/C2tjWCko0KV7QDScNLDsq/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 27 Apr 2023 17:02:19 GMT
server: cloudflare
age: 463814
etag: W/"5c-187c3aa6d78"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73b3a471917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 Earth-Globe-Iulia_Bycheva-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltc0a364a809e0d436/64517fde2303c427c81c0048/ 35 KB
35 KB 53ms
11ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltc0a364a809e0d436/64517fde2303c427c81c0048/Earth-Globe-Iulia_Bycheva-Alamy.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7df0d18e6174b50b7fabed5713eb475cca055943d92809a31e85f45329d9e5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 17055
x-cache: HIT, HIT
fastly-io-info: ifsz=1123760 idim=3840x2160 ifmt=jpeg ofsz=35718 odim=690x388 ofmt=webp
filename1: custom
content-disposition: inline; filename=Earth-Globe-Iulia_Bycheva-Alamy.webp
fastly-stats: io=1
content-length: 35718
x-request-id: 31181
x-served-by: cache-ams21064-AMS, cache-fra-eddf8230114-FRA
x-runtime: 44ms
x-timer: S1683079807.186963,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "4Jvdjq52CMBklwx86cqZFYTDV5uh+Kc1GC2V1KWKbOs"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 74ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1683079807.dop125.am5.t,1683079807.cds007.am5.hn,1683079807.cds294.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 30ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 110931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8j2YqmYllo9NlWtc9tH6PTYqZAmCSQW9xJ0AXQrNQ8O7ygw7fWQS0OwWiDG4%2Fvxt39NTvKUiBQ7j7FUI5giWn138%2FmqiRcBu7ijfuuSHr0AUiiQapzRauTB0XNdY1Xp8LvhhgwJ98LoqcCWd5slX4z3k"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c14f73acaba1979-FRA
expires: Mon, 22 Apr 2024 02:10:07 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 59ms
29ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718, 718
age: 27295964
cdn-cachedat: 2021-06-08 13:25:52
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: e3aee88c21b6991cd8d4728d630f1246
timing-allow-origin: *
cdn-requestcountrycode: US
cf-ray: 7c14f73b0fdd92bd-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 19ms
11ms Image
image/png 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704596
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 46209
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230114-FRA
x-runtime: 69ms
x-timer: S1683079807.186970,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "FBb/Cijd5djg1i0f+YDwTH/riGkit5+W1YBTK34Yz3o"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2190, 1

GET
H2 200 v52afc6f149f6479b8c77fa569edb01181681764108816 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 78ms
46ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v52afc6f149f6479b8c77fa569edb01181681764108816
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
last-modified: Mon, 17 Apr 2023 20:41:48 GMT
server: cloudflare
etag: W/2023.4.2
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7c14f73b0d413816-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 37ms
22ms XHR
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: gKK4h+x/dMka9W5jOr1Sww==
age: 19682
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73a587cbbef-FRA
expires: Thu, 04 May 2023 02:10:07 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
312 B 76ms
30ms XHR
application/json 2606:4700:4400::ac40:9062
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9062 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7c14f73acdb1bbc1-FRA
access-control-allow-headers: Content-Type

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
70 KB 154ms
69ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66195863737f757919b892f6ca9cba149b964fe24cf653ac0df066ea6e610d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71566
x-xss-protection: 0
last-modified: Wed, 03 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 03 May 2023 02:10:07 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pdf.fd517ede.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 22ms
21ms Image
image/png 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/4d90ad636859e6d5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 7849070
cf-polished: origSize=11781
etag: W/"2e05-185e8703d60"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7c14f73ad9fb1917-FRA
content-length: 8484
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 119ms
35ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 03:09:58 GMT
x-content-type-options: nosniff
age: 428409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Apr 2024 03:09:58 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 25ms
22ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 79243
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73b1cadbbfe-FRA

GET
H2 200 78.c180425dea40d393.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
1 KB 18ms
18ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 25 Jan 2023 10:19:08 GMT
server: cloudflare
age: 7849070
etag: W/"a48-185e8703d60"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7c14f73c3ac21917-FRA
expires: Thu, 02 May 2024 02:10:07 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 183ms
7ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:30:19 GMT
x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 59989
x-amz-cf-id: -CtLbMIRZcLBSGKg8Bz3kH2pgRv2jil2JTY5nth-_prAISIA5_qycA==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
404 B 115ms
115ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
tracestate: 3288925@nr=0-1-3288925-322548631-79153b851e1c6cfe----1683079807425
traceparent: 00-6488b4cdf928f31b8880b38effef2800-79153b851e1c6cfe-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiNzkxNTNiODUxZTFjNmNmZSIsInRyIjoiNjQ4OGI0Y2RmOTI4ZjMxYjg4ODBiMzhlZmZlZjI4MDAiLCJ0aSI6MTY4MzA3OTgwNzQyNX19

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c14f73c6ad81917-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
204 B 387ms
386ms Fetch
application/json 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
tracestate: 3288925@nr=0-1-3288925-322548631-484b7685f4a9c253----1683079807425
traceparent: 00-3939899ac321596e233a98543e2eca00-484b7685f4a9c253-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiNDg0Yjc2ODVmNGE5YzI1MyIsInRyIjoiMzkzOTg5OWFjMzIxNTk2ZTIzM2E5ODU0M2UyZWNhMDAiLCJ0aSI6MTY4MzA3OTgwNzQyNX19

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7c14f73c6ada1917-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ 5 KB
2 KB 9ms
8ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 704595
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230114-FRA
x-runtime: 99ms
x-timer: S1683079807.425320,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 8, 1

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
1 KB 9ms
8ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 704597
x-cache: HIT, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 279
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230114-FRA
x-runtime: 79ms
x-timer: S1683079807.425308,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/ 3 KB
4 KB 11ms
9ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/Nate-Nelson_(1).jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704598
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: 60071
x-served-by: cache-ams21023-AMS, cache-fra-eddf8230114-FRA
x-runtime: 169ms
x-timer: S1683079807.426092,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 87, 1

GET
H2 200 crop_playbook_Panther_Media_GmbH_Alamy.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/ 1 KB
2 KB 11ms
10ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltfbc8835d295a8667/6427292ca17bce665a84be0f/crop_playbook_Panther_Media_GmbH_Alamy.png?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704595
x-cache: HIT, HIT
fastly-io-info: ifsz=108374 idim=640x320 ifmt=png ofsz=1320 odim=100x50 ofmt=webp
filename1: custom
content-disposition: inline; filename=crop_playbook_Panther_Media_GmbH_Alamy.webp
fastly-stats: io=1
content-length: 1320
x-request-id: 6580
x-served-by: cache-ams12735-AMS, cache-fra-eddf8230114-FRA
x-runtime: 125ms
x-timer: S1683079807.426185,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "031m2nqL3GZ7xf6UXa44q+TwU+kiCqyZg9v8qMcbICg"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 23, 1

GET
H2 200 machinelearning_Wright_Studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/ 2 KB
2 KB 11ms
10ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltbebaf675082f5c32/643472d385bd3b0bdb8f309a/machinelearning_Wright_Studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704595
x-cache: HIT, HIT
fastly-io-info: ifsz=659976 idim=1000x563 ifmt=jpeg ofsz=1844 odim=100x56 ofmt=webp
filename1: custom
content-disposition: inline; filename=machinelearning_Wright_Studio_shutterstock.webp
fastly-stats: io=1
content-length: 1844
x-request-id: 98079
x-served-by: cache-ams12744-AMS, cache-fra-eddf8230114-FRA
x-runtime: 86ms
x-timer: S1683079807.426201,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "RTPlADJWps13ECB/13PzNVjreGWnBEwSrAcyDgIg3s8"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1159, 1

GET
H2 200 lastpass_II.studio_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/ 1 KB
2 KB 10ms
9ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt7ec9a27c8b7b6708/638916c337b5726463193bbf/lastpass_II.studio_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704595
x-cache: HIT, HIT
fastly-io-info: ifsz=502654 idim=1000x667 ifmt=jpeg ofsz=1464 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=lastpass_II.studio_shutterstock.webp
fastly-stats: io=1
content-length: 1464
x-request-id: 57797
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230114-FRA
x-runtime: 114ms
x-timer: S1683079807.425686,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "87ok/rKjw0SpsLSd6414KNjeZfG21Jz7QBkotye4zts"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H2 200 fin7_ozrimoz_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/ 1 KB
1 KB 9ms
9ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt59b1ed0e12319538/643db1eb2b3e6c10dd5c97f5/fin7_ozrimoz_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 704595
x-cache: HIT, HIT
fastly-io-info: ifsz=706331 idim=1000x573 ifmt=jpeg ofsz=1218 odim=100x57 ofmt=webp
filename1: custom
content-disposition: inline; filename=fin7_ozrimoz_shutterstock.webp
fastly-stats: io=1
content-length: 1218
x-request-id: 70030
x-served-by: cache-ams12749-AMS, cache-fra-eddf8230114-FRA
x-runtime: 196ms
x-timer: S1683079807.425682,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qkNTeBch8G4CTnNekNiKfMVF1AFbcWcp+Y4pDOzl4rA"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 image
www.darkreading.com/_next/ 654 B
879 B 116ms
116ms Image
image/webp 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7c14f73c6adc1917-FRA

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/ 398 KB
123 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 21:53:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15393
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126154
x-xss-protection: 0
server: cafe
etag: 17925783384364415813
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 01 May 2024 21:53:34 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 54 B
68 B 121ms
45ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a6fa14cfa3cdcf85341187d29abcda5038766aab39a879ea09d993d5423d1ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:07 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 21ms
21ms Fetch
application/x-javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
age: 52384
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73cba85bbef-FRA
expires: Thu, 04 May 2023 02:10:07 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 125 KB
48 KB 142ms
50ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3877d41650a514a8d5ac7b902c21deb8875eb1459ecd1dcb7e02fb3bb2a3f722

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 48789
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 02:10:07 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 479 B
761 B 40ms
7ms Script
application/json 151.101.1.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: be5f099a5361b1b0cf95c08d4f30774a6c9a32371fc8c236b0857764f1ef1baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
x-backend-region: eu_west_1
x-amz-cf-pop: FRA56-P3
age: 1681
etag: W/aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.0
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
accept-ranges: none
x-amz-apigw-id: EUpNUGLkDoEFvwA=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 256ms
13ms Script
application/x-javascript 23.37.51.81
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.37.51.81 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-51-81.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Wed, 03 May 2023 02:10:07 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Wed, 11 Jan 2023 20:34:04 GMT
ETag: "39c1adbfc25d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Wed, 03 May 2023 02:10:07 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 52ms
9ms Script
application/x-javascript 13.32.99.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-16.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 02 May 2023 16:25:24 GMT
Content-Encoding: gzip
Via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 35084
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: 5Oirv7VFLGhsVVXncjE_1M8bjF7YhImoJd72gqkDtJhCb7BkTpwDYw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 1 KB
2 KB 132ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fa0508572bc08a5cde3bd8041250e70364fec655c6513e73cb8dfb6a040f8c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Wed, 03 May 2023 02:10:07 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 68ms
39ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

675bffd297e39d40cdda2a763e1c9eb6ddca95de192f33f52a924e47f9e099de

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2af4ee189e50805a67bd62bbd51ad0dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/cf3d2619aaa127b295d3ef8771349ee5
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
x-amz-cf-id: gQUfVHMlKZWuL_YiAJbgjxt26E2CMtjmJlRE1-awxIGg7PL3HNmXlw==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 474ms
474ms Script
application/javascript 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 27 Apr 2023 16:58:59 GMT
server: cloudflare
etag: W/"2fa26-187c3a76038"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7c14f73cfb241917-FRA
expires: Wed, 03 May 2023 04:10:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 113ms
34ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 03 May 2023 00:35:44 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5663
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 03 May 2023 02:35:44 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 44ms
8ms Script
application/x-javascript 2600:9000:2057:6200:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 01:10:22 GMT
content-encoding: gzip
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
last-modified: Thu, 08 Dec 2022 17:25:10 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 3585
etag: W/"63921df6-9377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: aukPhyw6vVK21GRP0RYpJDFN2DT41nCorymJIYKs1tWBwnzd2BAV9g==
expires: Thu, 04 May 2023 01:10:22 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 31ms
7ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 09:30:24 GMT
x-amz-version-id: HcerYY2f5.DoKJ.hjtbegnr29y5KQGEN
content-encoding: br
last-modified: Tue, 25 Apr 2023 09:00:39 GMT
server: AmazonS3
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"c38ba007b23d2b241c1008f782a80ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 59984
x-amz-cf-id: agb_xFxPllAMvf5RtxKpMCYZ77doHFi7L38Y0Nb-dUcIRKiT1uw6aQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 249 KB
84 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57fe8d28cca4c533612d2672befd03a270ce5b11102e3e483bd2b96c7baf8136

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 03 May 2023 02:10:07 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 16ms
16ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 22002
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73d1acabbef-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 16ms
16ms Fetch
application/json 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 22002
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73d1acbbbef-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 16ms
16ms Fetch
text/css 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 22002
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c14f73d1acdbbef-FRA

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.0/ 174 KB
48 KB 48ms
8ms Script
application/javascript 108.138.17.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.0/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-119.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 14 Mar 2023 18:00:56 GMT
content-encoding: gzip
via: 1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 20:53:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 4262952
etag: W/"1a08556fd14aad311b6d4906f59fef42"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: j3E79RqxK57CzYfHRb_PHBN6ykLP5e54aNucQwvDDkcFwDwYRmoCEw==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 28ms
28ms Image
image/jpeg 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 49856
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7c14f73dde9fbbfe-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 22ms
21ms Image
image/svg+xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 25223
x-ms-lease-status: unlocked
last-modified: Tue, 02 May 2023 02:12:16 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: f40216a1-e01e-00d4-1d1b-7d91c6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7c14f73ddea0bbfe-FRA

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 336ms
113ms Image
image/gif 107.23.141.241
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&u=BndqxIBASkTaBjw65L&d=darkreading.com&g=53678&g0=vulnerabilities-threats&g1=nate%20nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3509&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&b=1171&t=D-x35aClS1doBDk6SfCvL7L3D3Rngt&V=139&i=APT41%20Subgroup%20Plows%20Through%20Asia-Pacific%2C%20Utilizing%20Layered%20Stealth%20Tactics&tz=0&sn=1&sv=Cl6-ayCcgF0kD7qd17Bnt7zNDXxr4h&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.141.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-141-241.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 modules.50a80ed62b384955a8b2.js Show response
script.hotjar.com/ 263 KB
68 KB 38ms
9ms Script
application/javascript 52.222.236.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.50a80ed62b384955a8b2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-122.fra56.r.cloudfront.net

Software

Resource Hash

e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 28 Apr 2023 11:06:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c9499008aa7e1acd11e9fbc171281d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 399840
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69259
last-modified: Fri, 28 Apr 2023 11:05:08 GMT
etag: "64d5841f997872b89ef043f224290bdf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: FF3wlS0tQgbdSLAC5Phac0Ih9VoDVOzNvW3ctlD8jtRkrBVEUre02g==

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 156ms
141ms Fetch
binary/octet-stream 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Wed, 03 May 2023 02:10:08 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: _x1v3Y8QXio5dYiZky442unYgdKnyDCSQePHPn7S3AWZTpoTsr2KMQ==

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
489 B 157ms
142ms Fetch
binary/octet-stream 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Wed, 03 May 2023 02:10:08 GMT
via: 1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: vllg0a4wZntedzqacujfHXOol9pJrfuL77pYatSC2R9jq1iparbH4w==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 8ms
7ms Script
application/javascript 13.32.99.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-33.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 3296b04068551f925d5fafd1b785ff30.cloudfront.net (CloudFront)
date: Tue, 02 May 2023 22:42:35 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 22575
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: L4-enb3wA-6erf8MfQLXot1jeRVoJMbb8mdi62IwJTB-jlcpSXc7Ng==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 58ms
12ms Script
application/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Tue, 10 May 2022 23:11:40 GMT
Content-Encoding: gzip
Via: 1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
Age: 30855508
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: pmCGE_Qilwtebj33bYXtd7ehTdZcb5fwk8SjXe3b_SLMjSWS1zyirg==

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D329057%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.d...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=8173631857864348275&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=329057&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subg...

248 B
998 B

447ms
103ms

Script
text/javascript

3.220.216.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=8173631857864348275&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=329057&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Server: 3.220.216.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-216-226.compute-1.amazonaws.com
Software: /
Resource Hash: bc8a0e96b413df5d3b36e7a337062bebc617c73ba48c990545f5ee5bb1304eb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 219
Expires: 0

Redirect headers

Date: Wed, 03 May 2023 02:10:07 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.192; 185.213.155.192; 953.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a89f2c72-4735-461b-b3f4-56f562761400
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=8173631857864348275&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=329057&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 48ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je3510&_p=1317441249&_gaz=1&cid=601600176.1683079808&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683079807&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&dt=APT41%20Subgroup%20Plows%20Through%20Asia-Pacific%2C%20Utilizing%20Layered%20Stealth%20Tactics&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_contributor=nate%20nelson&ep.content_publish_date=May%2002%2C%202023&ep.content_main_topic=vulnerabilities-threats&ep.content_id=blt860c4a2ff4f09b2a&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fvulnerabilities-threats&ep.content_sponsor=&ep.content_label=News&ep.content_additional_topics=threat-intelligence%2Cadvanced-threats&ep.gtm_container_detail=SCM%7C1.5%7C123&ep.content_topic_real_text=Vulnerabilities%2FThreats&ep.content_read_time=3&ep.content_topic-real_text=Vulnerabilities%2FThreats
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
248 B 55ms
18ms Ping
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=601600176.1683079808&gtm=45je3510&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 125ms
47ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=601600176.1683079808&gtm=45je3510&aip=1&z=617082259

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/ 184 KB
62 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/0c487f05/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c95c0994d62d97c528e8e239fd9b65b87e9a85719437051a37e2946f20455587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 01:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62942
x-xss-protection: 0
last-modified: Wed, 26 Apr 2023 02:29:39 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 02 May 2024 01:39:29 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 43ms
42ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1317441249&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&dp=%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ul=en-us&de=UTF-8&dt=APT41%20Subgroup%20Plows%20Through%20Asia-Pacific%2C%20Utilizing%20Layered%20Stealth%20Tactics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&exp=0yXzgh3iSjOeRpygmZwteQ.0&_u=aCDACEABRAAAACACI~&jid=1088763326&gjid=491051440&cid=601600176.1683079808&tid=UA-135180592-2&_gid=193003425.1683079808&_r=1&_slc=1&gtm=45He3510n81T52Z3Z3&cg1=article&cg2=News&cg3=Vulnerabilities%2FThreats&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=May%2002%2C%202023&cd6=vulnerabilities-threats&cd9=threat-intelligence%2Cadvanced-threats&cd10=0&cd16=blt860c4a2ff4f09b2a&cd17=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&cd18=3834%2Fdarkreading.home%2Farticle%2Fvulnerabilities-threats&cd20=vanguard%20-%20123&z=932834094

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 154ms
119ms Preflight 2606:4700::6811:7763
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7763 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7c14f73f5ac89b86-FRA
content-length: 0
date: Wed, 03 May 2023 02:10:08 GMT
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
318 B 139ms
137ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 03 May 2023 02:10:08 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7c14f7401cc01917-FRA
content-length: 2

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 25ms
8ms Fetch
application/json 3.69.12.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1683079807877

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.12.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-12-150.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 34ms
8ms Preflight 3.69.12.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1683079807877

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.69.12.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-69-12-150.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Wed, 03 May 2023 02:10:07 GMT
strict-transport-security: max-age=31536000

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealt...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealt...

49 B
504 B

291ms
291ms

Image
image/gif

142.0.173.15
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ref2=elqNone&tzo=0&ms=916&optin=disabled&elq1pcGUID=BFBC314441A441668F2E290BF9EA2E80

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

HTTP/1.1

Server

142.0.173.15 Toronto, Canada, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 02:10:09 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Wed, 03 May 2023 02:10:09 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ref2=elqNone&tzo=0&ms=916&optin=disabled&elq1pcGUID=BFBC314441A441668F2E290BF9EA2E80
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 436
X-Xss-Protection: 1; mode=block
Expires: -1

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 27ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-135180592-2&cid=601600176.1683079808&jid=1088763326&gjid=491051440&_gid=193003425.1683079808&_u=aCDACEAARAAAACACI~&z=797654500

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 03 May 2023 02:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 126ms
46ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=601600176.1683079808&jid=1088763326&_u=aCDACEAARAAAACACI~&z=911731209

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 54ms
54ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-135180592-2&cid=601600176.1683079808&jid=1088763326&_u=aCDACEAARAAAACACI~&z=911731209

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
814 B 142ms
33ms XHR
application/json 34.249.239.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=6101c04463f145c0aa63fcbd6be2f002&version=2.8.1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.239.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-239-219.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0d4a5cec9519f904cfa8df4b77b1fe8172d3a0fcacff6b078154d8aa539b0827

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 03 May 2023 02:10:08 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: 5d3ed4a11cd22ebca60edc1e6ad23d81

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=8173631857864348275&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=8173631857864348275&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8173631857864348275&pixelIndex=0&google_gid=CAESEFbQ0p3eYnFQuuk-7sa-wTw&google_cver=1

0
598 B

103ms
103ms

Script
text/javascript

3.220.216.226
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8173631857864348275&pixelIndex=0&google_gid=CAESEFbQ0p3eYnFQuuk-7sa-wTw&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Server: 3.220.216.226 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-216-226.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=8173631857864348275&pixelIndex=0&google_gid=CAESEFbQ0p3eYnFQuuk-7sa-wTw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 75ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8173631857864348275
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async-api.8f89c105-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 22ms
6ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.8f89c105-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: mU67jycgcinZxIFlMFQSe3f.nxc8alvQ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: 37BCS8DNZHFEX51F
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1293
x-amz-id-2: l7Sao9WnOGc5CscYZH3uUViOtgVHcPpjk5kE/fPGBUygGNaNTDprb0BNj/7u1DP8P15bLFbq5Kw=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.256481,VS0,VE0
etag: "c795d925c282d627e664bd4811db2c5f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 70

GET
H2 200 lazy-loader.67423d16-1.231.0.min.js Show response
js-agent.newrelic.com/ 928 B
616 B 22ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-loader.67423d16-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: T3hyF0giIyFMr4zq18cu84rHhrcGImyr
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: 37B1K184NX2X7FRQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 414
x-amz-id-2: k5L/2mfzMyXve8s1l6Dl4lgGgtutkuhhdaCioUYljnUFn7YTJgVLiw2s3aE5MrfjGblCqgbP0OY=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.256544,VS0,VE0
etag: "5c71e603fdc4b5e7eb31a10d4bf90768"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 71

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 134ms
55ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 130ms
45ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 33 KB
12 KB 81ms
81ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&adks=3533079339&sfv=1-0-40&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810356&lmt=1683079810&dlt=1683079806987&idt=709&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=0x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7fb30561d8467c6f0ccce6a2c156e1d241abe05efd7aee22ec3f2f0952bee58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12560
x-xss-protection: 0
google-lineitem-id: 6225713667
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138427734065
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
317 B 69ms
69ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2085138235&sfv=1-0-40&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810364&lmt=1683079810&dlt=1683079806987&idt=709&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=0x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e545f7cba21b3b1d476c0c498825825ea90c49fb0d06a237f6d62d9bde0b9b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
4 KB 131ms
131ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&adks=1271228514&sfv=1-0-40&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810367&lmt=1683079810&dlt=1683079806987&idt=709&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=0x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57a8f70f885309f74a5a904d5989111601ebba64f7a758058d7631673d74ef96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4302
x-xss-protection: 0
google-lineitem-id: 6194459167
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138424432228
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
316 B 130ms
130ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&adks=2135171771&sfv=1-0-40&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810369&lmt=1683079810&dlt=1683079806987&idt=709&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=0x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

663b4b1099eec28e06c7a52760f4a825fa6019b34d80c167707222cbe22c0f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 287
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
320 B 119ms
118ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&adks=3146341140&sfv=1-0-40&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810372&lmt=1683079810&dlt=1683079806987&idt=709&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=0x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

630558d3404078c9d67241863742de65a866b23d70c314cd1f26169b2b3d7fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
317 B 107ms
107ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&adks=1012153901&sfv=1-0-40&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810375&lmt=1683079810&dlt=1683079806987&idt=709&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=1600x3533&msz=7x0&fws=132&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

631bee91a3474e98f04cd3b27892f2ec20400e9ade7d3d5856fd90363b3425f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 107ms
107ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&adks=583554112&sfv=1-0-40&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810378&lmt=1683079810&dlt=1683079806987&idt=709&adxs=315&adys=86&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91fbb7a9babc1b566b3614f14b9e8c673d8e5a471cf63cdab2e6f6ec8bcf212e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13388
x-xss-protection: 0
google-lineitem-id: 6157543105
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430455658
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 84ms
84ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&adks=2059181020&sfv=1-0-40&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810380&lmt=1683079810&dlt=1683079806987&idt=709&adxs=308&adys=868&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=646x1424&msz=646x0&fws=4&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0a877beb2eb03dba0c3835a4677185e51b39bb0dd1c869c8606471e4b3a4dca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9648
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 117ms
117ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&adks=3948516231&sfv=1-0-40&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810383&lmt=1683079810&dlt=1683079806987&idt=709&adxs=654&adys=972&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b8627232387981d31ff15f8ee92e706bc550acd37bbddfa9072c0fa61118c7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13410
x-xss-protection: 0
google-lineitem-id: 6270618857
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138430836619
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 23 KB
11 KB 130ms
130ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&adks=3655095316&sfv=1-0-40&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810386&lmt=1683079810&dlt=1683079806987&idt=709&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c67112b5f8d340c888c5e8c90bec42c1676d9af06f0c78711c29aa4aa23590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10916
x-xss-protection: 0
google-lineitem-id: 6194459167
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138422087851
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 95ms
94ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1430801062654478&correlator=2143665074251285&eid=31072878%2C31074224%2C31074246&output=ldjh&gdfp_req=1&vrg=202304270101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cvulnerabilities-threats&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&adks=3231611390&sfv=1-0-40&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt860c4a2ff4f09b2a%26aid%3D101051%26reg%3Danonymous&sc=1&cookie_enabled=1&abxe=1&dt=1683079810389&lmt=1683079810&dlt=1683079806987&idt=709&adxs=988&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&frm=20&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=601600176.1683079808&ga_sid=1683079810&ga_hid=1317441249&ga_fc=true

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389d923e6539ba315a204b05da03241c4c006e33df5db111a32dc797fa654308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13352
x-xss-protection: 0
google-lineitem-id: 6194459167
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138423709163
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 128ms
50ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202304270101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ace38a0038ccf388c8c29d714f512a6fdcfd580f1fdebaacc050bc29b109e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11214
x-xss-protection: 0

GET
H2 200 container.html Show response
e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FAEF 6 KB
3 KB 161ms
45ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 02:10:10 GMT
expires: Thu, 02 May 2024 02:10:10 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
168 B 16ms
12ms XHR
text/plain 2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VwQPWV9RDRACUVdUDwYAVVc=
tracestate: 3288925@nr=0-1-3288925-322548631-82fdb79bde43335b----1683079810420
traceparent: 00-ae840284abbdd9e5eb6b16a6ee90c100-82fdb79bde43335b-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiODJmZGI3OWJkZTQzMzM1YiIsInRyIjoiYWU4NDAyODRhYmJkZDllNWViNmIxNmE2ZWU5MGMxMDAiLCJ0aSI6MTY4MzA3OTgxMDQyMH19
content-type: application/json
Referer: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7c14f74f2dc21917-FRA

GET
H2 200 862.04af29e3-1.231.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 13ms
7ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/862.04af29e3-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: F3uiK5YwfyYXl9HDrytyVd85M_NbPJob
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTGYTYZGYTEE5VR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3627
x-amz-id-2: CnoHNTRWJk/FswBIswZL53MF3lVkOZRgjF8pScf2uhb05x7xqmtixOsgewdo6Clj5FnD4CPUQgc=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.439584,VS0,VE0
etag: "8ff6f8d3b9281c2834e211ce2228757e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 794

GET
H2 200 page_view_event-aggregate.8cf0450e-1.231.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 17ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.8cf0450e-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: YL5vYhsqsLDVb5Z0VzI.0IKZ9oVf.jnj
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTTS9CQWGF416KD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4107
x-amz-id-2: Lk3Gf6ZFg2qFe0YszWBoBDq4Jr85JvIsv4FhXT4LVfwr7XtpheTYp7TKEGRXx9TIGVaYfcXs6I0=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.440529,VS0,VE0
etag: "927ef57448f4e9500b6ddd704625d0b2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 810

GET
H2 200 page_view_timing-aggregate.a30a53ff-1.231.0.min.js Show response
js-agent.newrelic.com/ 12 KB
5 KB 16ms
11ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.a30a53ff-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: tXajjyfh__GTM5HYavqt0WCAqFhJIRAd
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTKRCBWK9DY9VF2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4637
x-amz-id-2: CKWepQMptbiGZFbvmlyoSJpxWV7TanAvkhpurJpPVUD+E87oxr/ze2rgQ9QP/sPuOgvywtwCjnc=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.440351,VS0,VE0
etag: "81350454b5ae22caf77cada88c68cd10"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 801

GET
H2 200 metrics-aggregate.78efb4d5-1.231.0.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 15ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.78efb4d5-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: GnoOJSNFMPBLvvU2loT.6gfpbCRyQb8e
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTZPDPNJWS35TK2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1587
x-amz-id-2: fUoQ+XMTbTgwmL/Eea4Z/+Eqgm9QhGJWm7/n7/PpAZUPdgH3OTX2ZX9ZNwi81DBuJoAMOluu2sQ=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.440309,VS0,VE0
etag: "25879f97e7abf9cd89e027ff5a41ed81"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 809

GET
H2 200 jserrors-aggregate.0b4d6623-1.231.0.min.js Show response
js-agent.newrelic.com/ 7 KB
3 KB 14ms
10ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.0b4d6623-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: sBZl8cmCtUvWsekLB_5JE6E4NTVXZbrJ
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTG5BSGJZ3576BQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2699
x-amz-id-2: mzcws6fZHkHHrTADpFtfGdNmxISvxtuagteg9fmLGk/mdvXhaqP1WG59IV24D8qGPn0nTH1AKMY=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.440198,VS0,VE0
etag: "105c0b07033e97d2ad5192f22cd2b7be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 548

GET
H2 200 ajax-aggregate.b0da4738-1.231.0.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 12ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.b0da4738-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: fX33moFHF9HahFsZ9OF7r7ctzevPre0s
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTPJEJPB2M16VS2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2158
x-amz-id-2: o+z7o+gVJvxMzYo6RoTcp2dMOyyOsURblNe0x2s7wXZVVnC1VKMxRJ65qOIQQ6u3vuWgPfv3JJw=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.439946,VS0,VE0
etag: "9a50be0680ff4e93b2870bc5fa243b5e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 549

GET
H2 200 session_trace-aggregate.0938abd3-1.231.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 12ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.0938abd3-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: wGz7Zc4CdeNSHrMhENAh1KuuSWZPluFa
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTKVMK4G03C9ZJV
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3219
x-amz-id-2: eI6Spho81iFK1wd6ak7IEwK4jY14z4wsClJIOi/E7+BvCsOVulW0w6tNsvxh+lK7txj/UfZ+44c=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.439937,VS0,VE0
etag: "e48f352e197fb565313a4b08e8d2220a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 427

GET
H2 200 page_action-aggregate.42c392aa-1.231.0.min.js Show response
js-agent.newrelic.com/ 2 KB
1 KB 11ms
8ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.42c392aa-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: y9zWfqNMoXLtAEnsmpgdpZ1x7ixYhd2R
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: TD9VJ30EHGF3GVXH
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 983
x-amz-id-2: m/JfP/uIDF1zMjEEsLJNvcUwEphuCWd8SnvQ8bzdTukQ+f/0jFKVz4C0Wh17Xa8hA+99HRL0Ifw=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.439924,VS0,VE0
etag: "127fe6773a93cca9c6fdbb5ff34d7655"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 324

GET
H2 200 spa-aggregate.19ebdf8d-1.231.0.min.js Show response
js-agent.newrelic.com/ 18 KB
7 KB 12ms
9ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.19ebdf8d-1.231.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: Nv8wrgEhI.ic6ql5Cch9vZS5.tVJ_ipI
content-encoding: gzip
via: 1.1 varnish
date: Wed, 03 May 2023 02:10:10 GMT
strict-transport-security: max-age=300
x-amz-request-id: MWTQ2S1B4EK13KEQ
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6566
x-amz-id-2: 3XspXqooYA/1dqYAfEd34SASadpCTQLAKTeshZF0HeNMmY25/RC/UbzrxlAzx5R3C9BXGNBbxjU=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Fri, 28 Apr 2023 17:58:54 GMT
server: AmazonS3
x-timer: S1683079810.439904,VS0,VE0
etag: "b29b6d7f913058268f8d081edc70f25c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 458

GET
H/1.1 200
OK NRJS-4eee28fd5f21ed85217 Show response
bam.eu01.nr-data.net/1/ 49 B
452 B 62ms
21ms Script
text/javascript 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-4eee28fd5f21ed85217?a=256687733&v=1.231.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=3968&ck=0&s=e6358f1c137cfc19&ref=https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ap=307.1326&be=488&fe=3424&dc=492&tt=4bcb598ff801476e&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1683079806497,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:9,%22c%22:9,%22s%22:15,%22ce%22:26,%22rq%22:26,%22rp%22:488,%22rpe%22:497,%22di%22:705,%22ds%22:980,%22de%22:980,%22dc%22:3741,%22l%22:3744,%22le%22:3912%7D,%22navigation%22:%7B%7D%7D&fp=687&fcp=1167&jsonp=NREUM.setToken
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 49
x-served-by: cache-fra-eddf8230081-FRA

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EAD 0
0 76ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvFuXy3F1gsjEtkg4rya91SzlGnGOFOueCAKUqHhYUImM40g3NOL42SM-IIVIxN61SVdHW4L4ByUnGotI0rTNeIlRV8PMF4KgN83Z0vnIOBIBSN9zhAt8oV1DnpsnDYn7NXbq9U11GfcucKuo2pHGM8qC9rfn7KVcUNu4W43vgcvObWKZfVQyDFgiQV4RdRNslbq6K04980yU0BLvCaTM8k1TAKaOmUYr6156jZ8drqCnYwmc9FBMe_CRfJneTRJcjqt5URX-2Y6ijgI-RVng9QMNVI65ADCCp-w2VKmmffxdCrVKU4LaUXDYrHEVdBzcJpOFlOZmH5KXy9MlybJxvCBHG0t_Hwz0c1DsR8to2iDvb2tw&sai=AMfl-YSBHRZUyoM6cwablBg24gvyXHVR_EW7FtNPivu6cSqZVUP3fWkQE8pvsZ2R3ujoCpV76ZmnA7ZbP1tYbcL22YjnNU4G4AouZTARaQpaIGWO92KZ0KcqL7QC3_Sm2g&sig=Cg0ArKJSzEB3a1F-1q4BEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame 0EAD 752 B
812 B 78ms
40ms Script
application/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Wed, 03 May 2023 03:10:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EAD 160 KB
49 KB 152ms
67ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 0EAD 326 KB
111 KB 29ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D0D 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssebKNz7RzBTpCMyqGKwFY1U0f2jzZ4X80OhQHeK4ZlP6lLrvZzAw5sO9wtUei0O-EvKoRCGrpYKLf2zltsCXkq2fE2UDoEhhwLNdzr-ZUiV54SE08-LjLTAUK-KzrGOe5kFRIWDDf6U08dQWJhaIwQEHh2D67TjfVipPWEy_nxeVy1IUIrFoss4v-hD6kObFhp-COwrWgcF687oX1lRNqZ-mo4c2w2pLTYK7Pb1986Rt5jlxQytw4c0XCQRSQCO6igt-PVjC-a4HysK5qCv0cQwZ7IgH0zn5ErLFTpKuHIxOp7aWIKBM-aafQt6KaRhxloCBlV5M6iPO10OTunsXI5U-fjRaWDeeGb0kCcp5XuYvn0IvP8JHE1IeZT_lAOnoJlqxy9ncwRNbgR&sai=AMfl-YSO5LoDTbh0e_K_FPzyQ6kQGJjYmWamL2KKJ-PAlJR504i5fT1I2Qh4KziBc_gnpxabw6hWH80SJ2RpGJIP9PNFHkDyzYLDEj9a_LSH4SZvOmO6-dNbDi-Flw3TQQ&sig=Cg0ArKJSzCvwOJ83dphWEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 0D0D 94 KB
33 KB 19ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1787d"
vary: Accept-Encoding
x-hw: 1683079810.dop125.am5.t,1683079810.cds007.am5.hn,1683079810.cds284.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D0D 160 KB
49 KB 212ms
153ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 0D0D 326 KB
111 KB 18ms
17ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H2

200

12011975891451782022
tpc.googlesyndication.com/simgad/ Frame 0D0D
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssebKNz7RzBTpCMyqGKwFY1U0f2jzZ4X80OhQHeK4ZlP6lLrvZzAw5sO9wtUei0O-EvKoRCGrpYKLf2zltsCXkq2fE2UDoEhhwLNdzr-ZUiV54SE08-LjLTAUK-KzrGOe5kFRIWDDf6U...
https://tpc.googlesyndication.com/simgad/12011975891451782022?

164 KB
164 KB

143ms
142ms

Image
image/jpeg

2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12011975891451782022?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de037885f3473318639a54e9be6972cae629c5078361ae33520c616e07dad1bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 05:08:41 GMT
x-content-type-options: nosniff
age: 75689
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 167777
x-xss-protection: 0
last-modified: Wed, 29 Mar 2023 18:26:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 01 May 2024 05:08:41 GMT

Redirect headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/simgad/12011975891451782022?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 Dark_Reading_Logo.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/ Frame 0D0D 5 KB
2 KB 8ms
8ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/619f4fb0a0cb8076d613e3ba/Dark_Reading_Logo.svg?quality=80&format=jpg&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 704598
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo.svg+xml
fastly-stats: io=1
content-length: 2021
x-request-id: 77944
x-served-by: cache-ams12720-AMS, cache-fra-eddf8230114-FRA
x-runtime: 99ms
x-timer: S1683079811.539643,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 38ms
38ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1317441249&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&dp=%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&ul=en-us&de=UTF-8&dt=APT41%20Subgroup%20Plows%20Through%20Asia-Pacific%2C%20Utilizing%20Layered%20Stealth%20Tactics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6225713667&el=138427734065&_u=aCDACEABRAAAACACIAC~&jid=&gjid=&cid=601600176.1683079808&tid=UA-135180592-2&_gid=193003425.1683079808&gtm=45He3510n81T52Z3Z3&cg1=article&cg2=News&cg3=Vulnerabilities%2FThreats&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=May%2002%2C%202023&cd6=vulnerabilities-threats&cd9=threat-intelligence%2Cadvanced-threats&cd10=0&cd16=blt860c4a2ff4f09b2a&cd17=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&cd18=3834%2Fdarkreading.home%2Farticle%2Fvulnerabilities-threats&cd20=vanguard%20-%20123&z=999231603

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 02 May 2023 15:17:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 39179
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B87B 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4Ps71kZpSBCwqGfpVlr_jwXHgC_Jeeq7w0lNNMcaWPpK4_n3ryYdSL0bSficPFB3URr9VhkFOVDdeLejDERZtHyiWT38-EZLGRFrdAZSfZalC3Vuo-T77kq_RrztpWJHygM7MSI56cTTsg_uJ_y8d__ny8jLM08v398v6nTXl9wLfq-RXCDAQPYfm5G-uyszxjUS16v9O224UEzNUWHvo6C0hIZGh-FbieW8R6yHIKlMYdLGZi08Ef2VvJqRGLm2FrozUv8ZOjm4NOb6o8_Z2egdQPC8boh7kJ3e6mSDQVfP3G-yx3v4F1VgzXJSmNSG7xXe5XPH3G3HV92cHqOb5mandHU0Cbjab_2VjryRpowi6Mi5dtx4&sai=AMfl-YS7cEcY9jlB9IecTFsw2jh58MoM4ZUPBQ7dE0boc0JPPT0bAddOHRt699VaID5nWZCN93IIkxgDEgHcJNlkQ53RyUamht3EVjpIn0XXVJbWLA8O2jnEG-VrBNE8ygA&sig=Cg0ArKJSzLO3wpGZWQS7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame B87B 3 KB
2 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:33:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B87B 160 KB
49 KB 150ms
122ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame B87B 326 KB
111 KB 7ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H2 200 2126048541317157043
tpc.googlesyndication.com/simgad/ Frame B87B 52 KB
52 KB 171ms
88ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2126048541317157043

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdd688b20a1a33d20762bcc5881e93f6a479577694270cc4d7e453725ee15019

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 01 May 2023 08:30:05 GMT
x-content-type-options: nosniff
age: 150005
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53176
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 20:36:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 30 Apr 2024 08:30:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame B87B 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTg6vpM7siQEGlSh192QQ0JEiMSiJoFuTgAA8MggPOXECkhCRDCPtoqFv1paSlYZB4Ica9j
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BB1 0
0 74ms
73ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDRZCm2j5Sg0lPEy2-OVenoejsMeklQn0Rq7q4F2qnMKTuaovyiaTWP886tZa6M1iYXfOg2mt_Uha32ewCiqERZuRYbxAq398nXUV5UeiYOhx8YoYIq9V531YbXeg7V2Dh5MndYHxhXRvLJiDNg0aCKWTPwn10sUfvavm3Yu4n9gjSWHHSoM41kw-FUg6u9AD2a6VrFwlt6UTBfpWYWDQX8ZQ8Opttg_F85SBG6P3GiZswJDGi6GtMD6pZxT5sQU0JpDddY-1RBdpwJzJCX6CvF0xjeaqSmDq7V20Hc_ZQToc7EqYYXdSnlB2nYiFiMnYkV7dvY6Jf6lJ-c4L_kbiRga0FnVPhNblNHEc7xTxIsWVb-JRwMQ0&sai=AMfl-YQdeq6rlqpWuFdOGxmPsjyUe29ir9av1Gkcg-GzivjxLTyyXLfhuIWxxQI_pRHUS6WwxleYhgR81tJeHy4xnZShJGBLYFGBL_vfdSgkxyfS9oYisD9TMizN9CQ13w&sig=Cg0ArKJSzGJ2f5hsazU9EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 3BB1 3 KB
1 KB 100ms
40ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:33:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BB1 160 KB
49 KB 174ms
168ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 3BB1 326 KB
111 KB 7ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H2 200 5027517339664842723
tpc.googlesyndication.com/simgad/ Frame 3BB1 72 KB
73 KB 100ms
41ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5027517339664842723

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 30 Apr 2023 07:42:09 GMT
x-content-type-options: nosniff
age: 239281
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74079
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 18:06:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 29 Apr 2024 07:42:09 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3BB1 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRpl7LVEeC5ynEpDyWkv9dFp40okakLWzw05An46VrA805mgi3WYO6yfdCIcpzc4ivICYPQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame B87B 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39132fc0de70f649a5d3a455a87f0808579e01f0dac763feca8491ba11a361e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3BB1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3558c7125539d656f9748385188b6fe8c5e4d2fbeb917dbec2d7e35cae796862

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A0F 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQ8CyIN5dzRArTjBZhQVl7AeeY5nZHSXNXoaHMT_Nq1imDt8YqOxmsUy3VMqOD5bOrUDyri8GiZqxVRzx4TE1SoSr4XuqKFqzCeAp2kYA6NBKQ1QaPuJqSg-8tIrrU5kWH8FHk0LJ1chLjwrFBwDeK32wEcLMe2bZlBgqazY5pvB18xvZ__bsE361Zv0e0BE5ZZ6dhOwhCkCeLe5W6xSYqGCLPa45pZ8TNSmxcVfjVL9XnMYGGwm1PpqtI3RzEwt-1HMTC4FS-NUeR_0WHTJqAvNJWu_2JksW2kumxwuP59uEHj7mDzKmWQwyLt-OXZbWwSt4egf0UiEpov0h_jrrXBmsBUQK0KAReAhIt0PLp60LNqUDhc0Q&sai=AMfl-YRL-dfriWVbjGCgaxIfGsfnJ1As7rRC7pba2N1M6Ifh6QoBAqYqGh1Bq25FnyxensGs_E4WFk8YQph5A9Y0KLIjTq_AJBNZcXp5cUFIqzkId63M6YTFmvXIl2WnrNE&sig=Cg0ArKJSzJ6GSmKPbbyPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/ Frame 8A0F 3 KB
1 KB 69ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230501/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 17:33:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30976
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 May 2023 17:33:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A0F 160 KB
49 KB 149ms
149ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 8A0F 326 KB
111 KB 7ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H2 200 16087554228709118407
tpc.googlesyndication.com/simgad/ Frame 8A0F 78 KB
79 KB 174ms
145ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16087554228709118407

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6fb52a1c6c89ce89a590a52e7caa21e0f9dca798ac335c2c3f08a96ce71532e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 29 Apr 2023 15:18:40 GMT
x-content-type-options: nosniff
age: 298290
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80268
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 14:21:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 28 Apr 2024 15:18:40 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8A0F 0
0 43ms
43ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSkucj3sonXGVFiIxl2j3P10PtOKEDse5U8DsWf2x1G8xcBlAbqMRd9UeznEofIOGrD2mvO
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 10738839447047692580
tpc.googlesyndication.com/simgad/ 76 KB
76 KB 173ms
167ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10738839447047692580?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12e4d2fe2097908929be5b001e7fcba335c91f499c8958b0582b2d60ea3d5c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78073
x-xss-protection: 0
last-modified: Tue, 31 Jan 2023 20:36:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 May 2024 02:10:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B20B 0
26 B 74ms
74ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLHZ2Z2zbi_JHhUkkbp4HnSwxHJd0oUGS184V6_olb2YG38weuAcoz29wVniT3YgwO7zg46P3L29xxqhbd_rmDblvgD1fG7PE5PxOBpJnGhZXFNHmxPrygY-55dSjVy6OQMzFyS-KDamsg563pJKc5HaOT1H2uoZvkNh1tYK2z3lPhEGqqppdUqjDlDbZ6O5N0NRvWYmA2Z2cC7EWJVksFovsdRc9i0ql8AnWX069N6eebgsiu40bIHWZ0TcgzggTGvPjsZu2n_bxd7BuCFPss3VhgMb864W_9VkjufWsCAsQ8MBBuRttq0ejUPy1FISxF8RXtG1x1H7IaxN1J5tUoK05tpdhcBrVlsI71f1TpABcGw9I_BsGaqYM&sai=AMfl-YQD5To6IPNOGK0GgfeuNLTOabZVF0vHtzZb8mUvHyaV96E52NHvJxvYOvWnvgZ5uy5OGiVJUql9pqR5fhV18RAcFkKEC58PBHyVItWo1qr8WvPCNzNZHgmp3T7ALNM&sig=Cg0ArKJSzCjMuN5vQ3BqEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 295B 0
0 74ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBtadVzz-Rcu3t9W7GglnZhzfQE78wtpdTuWZZdS4m47aTsOqsBz1Tp0LhrzwIJHF2LC2xpA-FDyERWVo2jA8aKI8M0UjsYlJLOaTxIJSvbYVSwZu2Kh7FI4PNoypBqdMTOlcIWgzjRmJhz4vrd7iu35LOumFNOPlYHgEDiR7Ckk3TKZHXuHduqv3HmhRhrkPXD90N616WGJILbqgJ7rUHoqh1wwC99CpZTfFDd5yhLYx2fXT41E9riUw6O57Bz-_EtfVKoUxeI4jRk6M9WIyRUkeTFEDEDygxpZJOO2yTgFoQqvtcJy549ghSpBcipkTwM1uzN0iB-mr8VwDKc479os6u8w6Sf1sAfSU43vMuGQC7LMekyfY&sai=AMfl-YTF6XjK9q1njLjRSGx1xuIPkrSu4LuC2KW36SJGi47c4VXWUx1PZr-bXEjO4s4HnJly8UcEDvw3LaKnMOPgm_z959uBjBh1L5r6duv14dbQc8P4eQ-UvrMiv9mL2wQ&sig=Cg0ArKJSzLHucJpXjSuiEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 295B 160 KB
49 KB 138ms
138ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50021
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1682940967289926"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/pentonmedia53440730609/ Frame 295B 326 KB
111 KB 7ms
7ms Script
application/x-javascript 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202304270101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
last-modified: Tue, 25 Apr 2023 09:53:45 GMT
server: AmazonS3
x-amz-request-id: Q6VN7NAJDT3PJ48A
etag: "7653b2f5aea863bfd8a9654b10077896"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15377
accept-ranges: bytes
content-length: 113597
x-amz-id-2: q6ErYaYN0vG0UjKdXeXuV1UIi4fYHPiKwChr4pIS0KW0pvGEj643hqvfwJNdcGmoHsO9UZkVlAw=

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 302ms
301ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 03 May 2023 02:10:10 GMT

GET
DATA 200
OK truncated
/ Frame 8A0F 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08c083e2baf002fa5309ea1cd09424bf01644500dbb60828f6f28e4a61f7d0a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/652dfe5b/ Frame 295B 14 KB
5 KB 432ms
113ms Script
application/javascript 54.224.217.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/652dfe5b/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsslpQWGjjjtnAo9jGLuMW_oldQnJcGvFJGe5yDTFdd8NkJSc5Ja6oXjayVl-QxlmG_c2jHqsY7VqkQc0ErHkPVP2iu1xhswV5GyPXScuYW4CrwuNBE2T7v4yo_adh9ebfnZ2jTeQ1bGSuWrbMz1qDPt3YqbMI_1Bz0-9NpW7mq_b51B9dZVzF_Tf86H4rYdG_woVi3Cj94AKBCXMCqeBi8fTmlwoCYtFRpZ27uRJzIfv_FELLUTZ9hqUihzlXXYReoSgG5VmpmjR7t2T5-N1BPE0jHOMsfzsItIUVdc3WDlm4UGhq95l0mSL0un7-BL-sDnqftEFLi1dn_XnsBMqLPLiEbQgezTxf6DODhsMMmKZgTr95g%26sai%3DAMfl-YTDtWo8bmQUAyP1H91WcN4R0eI04X86SevVnaHlILZ9-jFywcU2LhpBxTbavxN007y7XwBQrSYTQRdfl8y_tVk7ysTU1QCuvyy2mrhTRYY5LH3ljWrw79NO5kj7TvE%26sig%3DCg0ArKJSzLMdnSQW4XHlEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138422087851&externalCreativeId=138422087851&externalPlacementId=22339889189&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6194459167&externalCampaignId=3133733458&externalAdvertiserId=4954976792&coppa=0&scriptId=celtra-script-1&clientTimestamp=1683079810.692&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=1699961255189113
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.217.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-217-157.compute-1.amazonaws.com
Software: /
Resource Hash: f65f126b410244bdb82fcf54cf53ec3a651bbda9b055845a5f3bcfe279527ce6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4844
Expires: 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 596 KB
130 KB 11ms
11ms Script
text/javascript 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 30caa0bd9da9af61b40c5c9a1d09547a8f118010ebe75f689d1b757c17614a3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
content-encoding: br
last-modified: Tue, 02 May 2023 15:01:50 GMT
x-amz-request-id: ZA9MYRJFTB37KCR4
etag: "d06b7e6e6f6735317dc771793d48ae82"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 6
accept-ranges: bytes
content-length: 132889
x-amz-id-2: QkEMXohdNEAN+6KYVCrMweJ8FWrSWuiH4FhVhXRKPlNwwH90IeHqOHjPV3oFTRc1Vb2wjnrjR68=
expires: Wed, 03 May 2023 02:40:10 GMT

GET
DATA 200
OK truncated
/ Frame 0EAD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 376b375ec61eede75153d58bef2bc31f6903ce677eeb3bdf048a384c3f884331

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 0EAD 31 KB
11 KB 51ms
15ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?342023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 01:21:01 GMT
content-encoding: br
age: 2949
x-guploader-uploadid: ADPycds5Qeseh-xyEzxs9VoxpDVF9Emp0P2QQBsaiqR865ibs_qkYV4HYDYlbDdKGXL-ErEur7w8AHn9WIlT0o1HEr-n3o8WmoX2
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10518
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: AMS-5232d789
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
geo.moatads.com/ 99 B
272 B 171ms
33ms Script
text/html 79.125.102.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079810815&de=486179808133&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=2&cb=0&ym=0&cu=1683079810815&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=1834557253&cs=0&callback=MoatDataJsonpRequest_46977634
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/pentonmedia53440730609/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.125.102.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-79-125-102-197.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 7d32d986efea23aa237240bb8c937ec1370e781e7561b80a04202ab7fa95454c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:11 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "0824100f870e3b3e2c1c64db7cc9109f40899859"
content-length: 99
content-type: text/html; charset=UTF-8

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 31ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079810815&de=486179808133&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=3&cb=0&ym=0&cu=1683079810815&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=1680179135&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B87B 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEXFOr_KrGdwNJrIV0LTb7AEKH8403m0p4vrEbKFBpn7l-OWZPNaMaPima3ixp9jGhLtBAP-w02tbAuvTZ_bUkfpDPXmHC0Sgc6KJmkOoXGefp9S_mvAR-23c-oh1lPqLz8nAgcbtnd3KexW4XepbpFqq6fhqj9JyHgDebegMiqSupuvgE1otv2HSOt4Cyo-RcMuJPl0wMDDRMowkIE4TB2JRAoAoN8r9kp1DHha4qo4TQx3yo6K4BY6wnFod_fiO2vbfee84vLW3HkfeHpKc1M6rkrly6WYMCgu0pA8j134eQlI_tUu2jp-NybOUQJsjf3jXkXZM-Rp1UStrIxKCMF5UdDVS5qsLrlQAkod2EYBUPWvcIpXqDmg&sai=AMfl-YR_2SrPVfvX6ElJwBwBRyp1Hd4X3W0UCGQxhJQX2EfaqUYVpBLIchhJnXAEKzQ9GMxGdaOb5QEaHrTwJw3OZIjEQpT3aqh8rq5ca7Ddp2teKMNwCClQYXPj42Zb0sA&sig=Cg0ArKJSzPwqnM7MqyI-EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0D0D 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfgb2MEzIZWwmBf5RAixaBNfRFtbByAtTTpK1xh4sbo4cr_nnxrX1NfBgGmNKa8SHb5bYesZjHutdXcGzkPOFVRmSe5bNag6CZVCyI7YMfIHfy7FWMSN0MEa8cJ_RqhgcJFb7gosW004jaTvrITK2MX3MAT-GVntz3MyCGmTIaFy7HOo-Ogt37o7JcOa2wltyqs-JejX_JarAJra9c4x5i4CkLCVf_VirHIt3s2Q1ffpaaCW7AVoCkMyCgXoniu_FGPn8gNAG5ubDIsM5QiOuEDp8EziLnsZblGIxpOWDHZDFinrQEemJOYhCRuwMN5yDhRZfhRISBlWq9gcsHQJ3Mbd3xrsiE8Ja6kxq0ONljYYcP20iglH0P8rwxGP2H&sai=AMfl-YR4-YTSbrMCK2iKP1umTQS92upGoBEs7iQmnvajFpXd3l_V61OIt6F2ZWUBMLZBFrMdxgp5ibTfUgfKvqeqjmkgcJkTc4PnnhKPMOMmYcEXwQVtr7WDuB0jytdcNw&sig=Cg0ArKJSzAQXAF8GeFj0EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:10 GMT

GET
DATA 200
OK truncated
/ Frame 0D0D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ac783c64400e0429ae3b8c235204473347ca03aa0dfe7c94c43fbbbcc2bec1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3BB1 0
0 75ms
74ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx3LqHm-SLKItGMj5EnGP4-c6p-_v5WvGb6SROJdYOtD8Bo6-oyAsPRA9EyE0nACkNOYKaU70LpIimgzMlyYG3mff1GjW4-0ZLYRocNs-ECe6_2_HlyLW7uN1pclvYsTe8cTKA7U2VAxVQzQxB1oepe5h8ZLF7VYPHDSd-NGqhe1K60yG_b5Lh5RwUqnBtaKSInlnuDvEnawPBAcRtrDSMHwHIzwNfvIlOwWOE6qE6yQThDWFrvhqxPr5d2wyNqdJ3yso8K-QgFSEL6anMBCsBAh55kpM-ajfy_UUfPPGkXZ-yx679a8ZDYj-RamOiKLwq8PDfYMI3Zx9aqWeDDppni34k3uOjJLJEWdI67VBVssExjHiRvueNMw&sai=AMfl-YQD1uuIjznz6NrKMYXF4PAM1PLbrE9VHBhhl2tqvzDcticNgnavncdkOOHTkhLaQe8OzVCw-neL9T7gfnxcucfV1wyKKzgcqwItAs6ev_CduXIp8X8e8ULAglnPug&sig=Cg0ArKJSzBAD6vGtYnD0EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:10 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8A0F 0
0 77ms
77ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQfIBGBlMkLJ4CQsFEBpSGnXWESoqxE6o_d6ydXirIl4npQ5UKoCM1AXnoOjeuLKsfsbVsBcPvQaFeWy9MxvTCoomqjHiX-ZWNmDCQfZBcqAyieR3m7NJ8am03fltta3JS0zJ3UcafFKB1CFRTGc8v2dJllfVAA5nuFDcKooPKB0Z4pM9hOj0iUZc3KxqpEYo9_-9tNcPiJfTte97QuMqLH_qu3fCyoDtIeqvyHFy0hBexkAHzxP3NMcqALCJ-KzEH1pvo_29PyrAGkVIcBmdH5i5IXk9KgtRDlH_m6xpflb2I2syXs2DKYWqvCU3wIDqg-WqXX26K_sErzal1LqOgvc9R9UKmTGfZ0_3q4WrXFJzKXB8YWrb1lg&sai=AMfl-YQTIDGy_fY76hDzorzMS8UMw58PHsF7IgSo2c6bD_kV_fmKhOMCgBzUDMX_v4HlV8UG2h8oonGNmvFGx_-Ej7GNYef9lBb55uc7Tz34mh5yLZH2BsEjYPxOcP99kV8&sig=Cg0ArKJSzDOz9_zMsyrsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:11 GMT

GET
DATA 200
OK truncated
/ Frame 295B 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dd230495afe1edb4b962cf4491730bc2cab7a74be3d93944e43c81ba732e520

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079810898&de=491665159743&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=7&cb=0&ym=0&cu=1683079810898&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&zMoatPS=300_2v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=675007457&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 0EAD 62 B
309 B 108ms
108ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&pv=1683079811081_8k4m3geuc&bl=en-us&cb=166403&return=&ht=&d=&dc=&si=1683079811081_8k4m3geuc&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?342023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 0EAD 20 B
482 B 1050ms
171ms Script
application/javascript 3.214.24.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=342023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?342023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.24.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-24-142.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 02:10:11 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Thu, 04 May 2023 02:10:12 GMT

GET
H2 200 track
t.teads.tv/ 23 B
113 B 74ms
37ms Image
image/gif 2.19.229.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=ec7a7141-4716-4e80-b6b5-65c8af08c15a&pageId=130102&pid=142873&debug_metadata=pWfIFl2wqz&fv=1180&ts=1683079811116&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:11 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
143 B 77ms
40ms Image
image/gif 2.19.229.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=ec7a7141-4716-4e80-b6b5-65c8af08c15a&pageId=130102&pid=142873&slot=polymorph&fv=1180&ts=1683079811122&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Wed, 03 May 2023 02:10:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 540 B
717 B 42ms
42ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&auctid=ec7a7141-4716-4e80-b6b5-65c8af08c15a&formatVersion=1180&env=js-web&netBw=10&ttfb=462
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c56908853e84671cdc69e97187adf97d35b1f7d446e67c0ff57e86cfff0ff437

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 365
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6489 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 12784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 02 May 2023 22:37:07 GMT
expires: Wed, 01 May 2024 22:37:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BA40 783 B
534 B 48ms
48ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

02476ceba7117f923e93d6dcef920895dc81d5745ed6dc429b1c0497306e3956

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-66yw3GpS3ybuP4Igd4rLNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-66yw3GpS3ybuP4Igd4rLNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 03 May 2023 02:10:11 GMT
expires: Wed, 03 May 2023 02:10:11 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F2126048541317157043&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810898&de=491665159743&cu=1683079810898&m=13&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&bo=22316126855&bp=22339889189&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=14_mh3qacc94e000000mh3qacc94e000000mh3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_mh3qacc94e000000mh3qacc94e000000mh3&iq=na&tt=na&tc=0&fs=203238&na=998770233&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/df6d797c/compiled/ Frame 295B 563 KB
564 KB 699ms
8ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/df6d797c/compiled/web.js?v=25-34408cb77d&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/652dfe5b/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsslpQWGjjjtnAo9jGLuMW_oldQnJcGvFJGe5yDTFdd8NkJSc5Ja6oXjayVl-QxlmG_c2jHqsY7VqkQc0ErHkPVP2iu1xhswV5GyPXScuYW4CrwuNBE2T7v4yo_adh9ebfnZ2jTeQ1bGSuWrbMz1qDPt3YqbMI_1Bz0-9NpW7mq_b51B9dZVzF_Tf86H4rYdG_woVi3Cj94AKBCXMCqeBi8fTmlwoCYtFRpZ27uRJzIfv_FELLUTZ9hqUihzlXXYReoSgG5VmpmjR7t2T5-N1BPE0jHOMsfzsItIUVdc3WDlm4UGhq95l0mSL0un7-BL-sDnqftEFLi1dn_XnsBMqLPLiEbQgezTxf6DODhsMMmKZgTr95g%26sai%3DAMfl-YTDtWo8bmQUAyP1H91WcN4R0eI04X86SevVnaHlILZ9-jFywcU2LhpBxTbavxN007y7XwBQrSYTQRdfl8y_tVk7ysTU1QCuvyy2mrhTRYY5LH3ljWrw79NO5kj7TvE%26sig%3DCg0ArKJSzLMdnSQW4XHlEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138422087851&externalCreativeId=138422087851&externalPlacementId=22339889189&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6194459167&externalCampaignId=3133733458&externalAdvertiserId=4954976792&coppa=0&scriptId=celtra-script-1&clientTimestamp=1683079810.692&clientTimeZoneOffsetInMinutes=0&hostPageLoadId=1699961255189113
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 64768da24081dae0a70c887a5df583e07d2c0d9103b29122fa7225f3e65a33b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 07:23:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 585979
x-cache: Hit from cloudfront
server: Apache
etag: W/"8a495153af377b22878dc914a1e2d64a4147479df0a1e8ceb7532992913ad6c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1573146
accept-ranges: bytes
x-amz-cf-id: mI7eWp3r12KTzBxFnK8srwB_-aKnPXbsP4cAf92b7fXRRfmZNoyOBg==

GET
DATA 200
OK truncated
/ Frame 295B 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 42038ba9-2525-43d3-9267-81a04eb33e66
https://www.darkreading.com/ Frame 295B 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/42038ba9-2525-43d3-9267-81a04eb33e66
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079810944&de=456445247209&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=11&cb=0&ym=0&cu=1683079810944&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&zMoatPS=welcome_v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=765310146&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079810968&de=887081167424&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=15&cb=0&ym=0&cu=1683079810968&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&zMoatPS=728_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=941172586&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2

404

404
www.darkreading.com/ Frame 0D0D
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

181 KB
181 KB

125ms
125ms

Image
text/html

2606:4700::6811:7863
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Protocol: H2
Server: 2606:4700::6811:7863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e5c2056e0496975b86f46eea89cf5671eb9744987ff00293dd37252ec9e63dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:11 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7c14f7568a7f1917-FRA

Redirect headers

date: Wed, 03 May 2023 02:10:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7c14f75429121917-FRA
expires: Wed, 03 May 2023 04:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F5027517339664842723&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810968&de=887081167424&cu=1683079810968&m=7&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339889189&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=7_fv179rrgf0i00000fv179rrgf0i00000fv1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_fv179rrgf0i00000fv179rrgf0i00000fv1&iq=na&tt=na&tc=0&fs=203238&na=1176433574&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079811003&de=555921621644&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=19&cb=0&ym=0&cu=1683079811003&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5224315150%3A3182672626%3A6270618857%3A138430836619&zMoatPS=300_1v_article&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=918036790&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F16087554228709118407&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079811003&de=555921621644&cu=1683079811003&m=11&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=23&vx=23%3A-%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&pg=23&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4&cd=0&ah=4&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5224315150%3A3182672626%3A6270618857%3A138430836619&bo=22316126855&bp=22339889189&bd=300_1v_article&zMoatPS=300_1v_article&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=9_scxswetq97000000scxswetq97000000scx&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tz=9_scxswetq97000000scxswetq97000000scx&iq=na&tt=na&tc=0&fs=203238&na=445102507&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=PENTONMEDIA1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1683079811045&de=152386911438&m=0&ar=81c6b5a9873-clean&iw=1699ba1&q=23&cb=0&ym=0&cu=1683079811045&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4954976792%3A3133733458%3A6194459167%3A138422087851&zMoatPS=300_1v&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&bo=22316126855&bp=22339889189&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&gw=pentonmedia53440730609&fd=1&it=500&ti=0&ih=2&pe=1%3A688%3A1168%3A3912%3A705&iq=na&tt=na&fs=203238&na=877136028&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Feu-images.contentstack.com%2Fv3%2Fassets%2Fblt66983808af36a8ef%2Fblt4ff4a7f9bc8e31f7%2F619f4fb0a0cb8076d613e3ba%2FDark_Reading_Logo.svg%3Fquality%3D80%26format%3Djpg%26width%3D222&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810944&de=456445247209&cu=1683079810944&m=508&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=0&ag=43&an=0&gf=43&gg=0&ix=43&ic=43&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=43&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=85&cd=0&ah=85&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=579381519&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame BA40 0
0 142ms
70ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202304270101&jk=1430801062654478&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 200 layuLwmq3jdBuTYQxid3_BliAeBVpa3hzTsmkPzdK-E.js Show response
pagead2.googlesyndication.com/bg/ Frame 6489 37 KB
14 KB 106ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/layuLwmq3jdBuTYQxid3_BliAeBVpa3hzTsmkPzdK-E.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95acae2f09aade3741b93610c62777fc196201e055a5ade1cd3b2690fcdd2be1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 27 Apr 2023 12:53:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 479811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14580
x-xss-protection: 0
last-modified: Tue, 25 Apr 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Apr 2024 12:53:20 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 295B 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubo-JxFix7YLVnfwPGpnrz1C3YTxDdOfShwQp8WRtRgAPFolHDJRTw-Yp69nFQgLx-Ps9mXoC-YLiGUJWCfstWsQYXuPUgdR_2mUW-ZJ-UwA45dDAsuaMHi_VuUTWZTQ_eASqCAg5oQDKK8GxaLIapZ__ihg0u5hN6M9iPpQSuoaPTkCXLq8i-_9UPsDjzan0Xr0gg5PpfyE1LFbzRUgqNUdUjYUocPiDSBwGzUav6b-UsJPd5BGptYrw4DPgfjjFex0MXjkY4o44hUfFn5Id-6B39xeWaILydCP-DiCOJmPP52n-dtcSq_k8Ol7p_3WnCsY0DkL41DXk9-pjlrxXbjZvt-dJ9Oswb3-nRpUSp31OIOdxC_UOlgA&sai=AMfl-YS0svzopK36isMit6tu3P-XMA-zr5pL_PENOji9VGeLxdePMPMxyOkLFDUER5PszV7kH4lnyyN54i0iu9fg2FNgjthanhDQYDQjgkO7nAJ9zwzfzmv0N15kifUNN_Y&sig=Cg0ArKJSzOsANUEkA3T8EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:11 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzMDc5ODExeGE1ODI4NzU1MDg4ZDc3eDc2NzkyODI4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NTUzNDI0NDI3NTk3OTc2IiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 424ms
100ms Image
image/gif 35.170.120.67

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzMDc5ODExeGE1ODI4NzU1MDg4ZDc3eDc2NzkyODI4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NTUzNDI0NDI3NTk3OTc2IiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY4MzA3OTgxMS45MzUsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=679005031
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.120.67 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 03 May 2023 02:10:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810898&de=491665159743&cu=1683079810898&m=1114&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1109&an=2&gi=1&gf=1109&gg=2&ix=1109&ic=1109&ez=1&ck=1109&kw=856&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1109&bx=2&ci=1109&jz=856&dj=1&aa=0&ad=983&cn=0&gk=983&gl=0&ik=983&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=4&ah=856&am=4&xd=00&rf=0&re=1&ft=983&fv=0&fw=983&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&bo=22316126855&bp=22339889189&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=14_mh3qacc94e000000mh3qacc94e000000mh3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_mh3qacc94e000000mh3qacc94e000000mh3&iq=na&tt=na&tc=0&fs=203238&na=943687656&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B87B 42 B
174 B 71ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsubPQQQJRvbAQI-BOcStn0lsOTiYGJeRul-jyqvBJ7Iw_586vVj8ZM3Uxey0hfCuBtGNgvmNljIcEKIcwlQETj09vVhjA6RA7zEGl0hpZgqX49cXhoF&sig=Cg0ArKJSzFkBJJi_b5SfEAE&id=lidar2&mcvt=1035&p=337,988,587,1288&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20230501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3231611390&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683079810563&rpt=330&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0D0D 42 B
108 B 71ms
71ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuehc0rutO50YMSBfhoRwMttgrTAO3Q4h6HHmgcOw6zh8vDEp_PUzmcBrS-1zjVhgNzmR4qGZ-1pfx3ADOyF9kPapSTGIa_vkVRxdJIPVjv8B31IK7T&sig=Cg0ArKJSzKCTiuzhf6SjEAE&id=lidar2&mcvt=1037&p=0,0,1200,1600&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20230501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=3533079339&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683079810532&rpt=406&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BB1 42 B
108 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvn9wA5aZyhR7b-fyEnlANjx8CzCkITcOXzmQMW0XvdlLVIaipJo23cK9zjFB9pc3lzML0R0GEPHPeTtmoSFFwq5gqe94USquMIYjcjZZx8hQtQtzCR&sig=Cg0ArKJSzDHoGEN_f38VEAE&id=lidar2&mcvt=1038&p=126,436,216,1164&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20230501&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=583554112&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1683079810586&rpt=378&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810898&de=491665159743&cu=1683079810898&m=1115&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1109&an=1109&gi=1&gf=1109&gg=1109&ix=1109&ic=1109&ez=1&ck=1109&kw=856&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1109&bx=1109&ci=1109&jz=856&dj=1&aa=0&ad=983&cn=983&gk=983&gl=983&ik=983&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=856&ah=856&am=856&xd=00&rf=0&re=1&ft=983&fv=983&fw=983&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&bo=22316126855&bp=22339889189&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=14_mh3qacc94e000000mh3qacc94e000000mh3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_mh3qacc94e000000mh3qacc94e000000mh3&iq=na&tt=na&tc=0&fs=203238&na=151926932&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Open+Sans:700/ Frame A2BE 5 KB
6 KB 22ms
7ms Font
application/font-woff2 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Open+Sans:700/3_webfont.woff2?subset=BRTcegilorstuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 437ddb01d19265be7d4a89211c8fc3d8a00b14287ca788f018bc3f379ee2efd3

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 05:12:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7851481
x-cache: Hit from cloudfront
content-length: 5364
server: Apache
etag: "437ddb01d19265be7d4a89211c8fc3d8a00b14287ca788f018bc3f379ee2efd3"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 557579 10849319
accept-ranges: bytes
x-amz-cf-id: Jzh0MLDpMwVmHEA4ErJz0OCxN-H1s_dx_2TR9LunPxmLOVbsREkVGw==

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Open+Sans:400/ Frame A2BE 5 KB
6 KB 21ms
8ms Font
application/font-woff2 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Open+Sans:400/3_webfont.woff2?subset=BRTcegilorstuw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6184eb300e83dd7719838348d97bfb34247647feb2923bee66c94ab0174cca8e

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:29:42 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7882829
x-cache: Hit from cloudfront
content-length: 5396
server: Apache
etag: "6184eb300e83dd7719838348d97bfb34247647feb2923bee66c94ab0174cca8e"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 6361407 132457
accept-ranges: bytes
x-amz-cf-id: 1FyvbpOL1PZ2NEV_TOOwDDZaVfXNnpu1OZ2gF6Ch2pVPagdXR2zf5w==

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame A2BE 14 KB
15 KB 19ms
9ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20%2C01235%3AABCDEFGHLMNOPQRSTVXYabcdefghiklmnoprstuvwyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 34b42c5ce546b40a2037bbf09f55aec26f58c287ca2a8ffa63c7e49706cc7132

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 17:40:37 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4868975
x-cache: Hit from cloudfront
content-length: 14420
server: Apache
etag: "34b42c5ce546b40a2037bbf09f55aec26f58c287ca2a8ffa63c7e49706cc7132"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 858180
accept-ranges: bytes
x-amz-cf-id: NfSV1jQcV474r1I8Qc-V5akoOPZlAyjI4lRAN4cZ6ZTOdkbrIBE6Jg==

GET
H2 200 57625f96-ca80-4602-9644-ec1803cb3ba3.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/ Frame A2BE 10 KB
10 KB 22ms
13ms Font
application/font-woff 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/57625f96-ca80-4602-9644-ec1803cb3ba3.woff?subset=%20%25()%2C-.02347ADEFGIKMNPRSTVXabcdefghiklmnopqrstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2e148dc38c607c46ee93288de29ed52a24bd5f32fd2ad5a22e433bf92aba9de4

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 21:32:36 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4941456
x-cache: Hit from cloudfront
content-length: 10188
server: Apache
etag: "2e148dc38c607c46ee93288de29ed52a24bd5f32fd2ad5a22e433bf92aba9de4"
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1150642 3118763
accept-ranges: bytes
x-amz-cf-id: r46MAuQXO48FAHg26N6UsFshYIpO8DxuBCKThP5S7OgXtbsyypndyg==

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/db604d55da929265d69c2f32fe2a91a7230b8ecdc153e720eb21ffc8b74ac499/ Frame A2BE 2 KB
2 KB 8ms
8ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/db604d55da929265d69c2f32fe2a91a7230b8ecdc153e720eb21ffc8b74ac499/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 80ab9eaaabffb044c1ed8f7516b98f5609d4a3670accdea1c7d833d4e6df4c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:09:21 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419651
x-cache: Hit from cloudfront
content-length: 1735
server: Apache
etag: "80ab9eaaabffb044c1ed8f7516b98f5609d4a3670accdea1c7d833d4e6df4c4c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1395391 1042708
accept-ranges: bytes
x-amz-cf-id: QH7Sov0R44JSrw-j-rC1Z-V8ofaJjfK-Lu-f1HrQsDiIKl5ZSgkfMQ==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/dec3f45cda8c5aaba657b0475adc818fc598ad34a56cc4bcffaa1a7496227d1e/ Frame A2BE 1 KB
2 KB 8ms
8ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/dec3f45cda8c5aaba657b0475adc818fc598ad34a56cc4bcffaa1a7496227d1e/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9482d083972b9b86d9467777ceafa143f366ce4a50068d66c93cc500e2589375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:17:48 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419144
x-cache: Hit from cloudfront
content-length: 1137
server: Apache
etag: "9482d083972b9b86d9467777ceafa143f366ce4a50068d66c93cc500e2589375"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2865114 604417
accept-ranges: bytes
x-amz-cf-id: gZv_Pw7Dm74SsQze6-IuqosVPwKWPrSmqsrU5CxLrTA2xLt3g9r4mw==

GET
H2 200 role%20of%20ndr%20-%20image.jpg
cache-ssl.celtra.com/api/blobs/c77aa41e0ca7649044f7b005b530d4016e509cc77ff966ebc2577c7a59e83948/ Frame A2BE 113 KB
114 KB 9ms
9ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c77aa41e0ca7649044f7b005b530d4016e509cc77ff966ebc2577c7a59e83948/role%20of%20ndr%20-%20image.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d99e971ca22c614d47663a5b5386ed9813dbcf481d8eedb075c3fbe98fe88f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 20:31:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4945139
x-cache: Hit from cloudfront
content-length: 115636
server: Apache
etag: "d99e971ca22c614d47663a5b5386ed9813dbcf481d8eedb075c3fbe98fe88f83"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1915404 2989220
accept-ranges: bytes
x-amz-cf-id: 9cgcd1aHg1nZ-GL0VnLuh61-fEkOSKnUajlhrSQ5EVgHf5NBZ-ZA1A==

GET
H2 200 iMac%20Monitor.png
cache-ssl.celtra.com/api/blobs/dc1b7f96742a9d2ff6f3390b898d6a697514f94304690eb220b0e63608c3740f/ Frame A2BE 120 KB
120 KB 8ms
8ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/dc1b7f96742a9d2ff6f3390b898d6a697514f94304690eb220b0e63608c3740f/iMac%20Monitor.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a41b66441a0e6ea6e4a35e9fc95c7c3c2b0563b259d324a117d69bceaf2b14b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 15:27:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5222577
x-cache: Hit from cloudfront
content-length: 122417
server: Apache
etag: "a41b66441a0e6ea6e4a35e9fc95c7c3c2b0563b259d324a117d69bceaf2b14b6"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 597918
accept-ranges: bytes
x-amz-cf-id: RKNIW0rsGa8ECGa-loaSntFLhtcGvrotjqxkurYoeYp9NUwMeqOteQ==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/99ada2299516b606f2d0db2dc6d77b64f1ed684fc9f7a990ae10e3e1da2e2942/ Frame A2BE 45 KB
45 KB 9ms
8ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/99ada2299516b606f2d0db2dc6d77b64f1ed684fc9f7a990ae10e3e1da2e2942/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 297e37e51d40ad1b63ff11bf62ffdfe25f48deb12db44b75f0b33d10f6e05c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 20:55:30 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 5894082
x-cache: Hit from cloudfront
content-length: 45674
server: Apache
etag: "297e37e51d40ad1b63ff11bf62ffdfe25f48deb12db44b75f0b33d10f6e05c36"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3344192
accept-ranges: bytes
x-amz-cf-id: qYN1p7W840puj4cOva_o2j0GrVq5Rjr-2IvzGTxulWfTHyzsePgjGQ==

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/ Frame A2BE 579 B
1 KB 10ms
9ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:18:33 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10529499
x-cache: Hit from cloudfront
content-length: 579
server: Apache
etag: "adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 46174490
accept-ranges: bytes
x-amz-cf-id: Ie6YmN3lmhZGfs-viCAJJ7Pt6zVlBnBXA8DHeubi0cRW0Jayjrdcgw==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38/ Frame A2BE 619 B
1 KB 10ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:09:21 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419650
x-cache: Hit from cloudfront
content-length: 619
server: Apache
etag: "1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4309462 149460
accept-ranges: bytes
x-amz-cf-id: 00rUzNlbgVflH2qlW9yk7n3fm-sLzZYyWsf8_k29TXxbd7L2vImknQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810898&de=491665159743&cu=1683079810898&m=1115&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1109&an=1109&gi=1&gf=1109&gg=1109&ix=1109&ic=1109&ez=1&ck=1109&kw=856&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1109&bx=1109&ci=1109&jz=856&dj=1&aa=0&ad=983&cn=983&gk=983&gl=983&ik=983&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=856&cd=856&ah=856&am=856&xd=00&rf=0&re=1&ft=983&fv=983&fw=983&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&bo=22316126855&bp=22339889189&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=14_mh3qacc94e000000mh3qacc94e000000mh3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_mh3qacc94e000000mh3qacc94e000000mh3&iq=na&tt=na&tc=0&fs=203238&na=1347587667&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a/ Frame A2BE 1 KB
2 KB 13ms
12ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 21 Mar 2023 07:13:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3696992
x-cache: Hit from cloudfront
content-length: 1211
server: Apache
etag: "726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1382742
accept-ranges: bytes
x-amz-cf-id: 4G2BT6nZbiIxkxvJvrqME2ZixLyHQUb0cTfCXM8-jqA_FFulvkYhmw==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1/ Frame A2BE 1 KB
2 KB 10ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:15:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419309
x-cache: Hit from cloudfront
content-length: 1269
server: Apache
etag: "4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3332017
accept-ranges: bytes
x-amz-cf-id: 1trAasT5yQyvhhPrG23sd4oYrt3kbeUdtWnencblbLpFOx9cbP5Aqg==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/ Frame A2BE 499 B
1012 B 13ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:18:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10529498
x-cache: Hit from cloudfront
content-length: 499
server: Apache
etag: "cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 42428440
accept-ranges: bytes
x-amz-cf-id: O2_gF--7STTEG9_JjSlswvqIs5WTmHGmgbwo35z4d61189WGQzTB4A==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614/ Frame A2BE 537 B
1 KB 13ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:15:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419310
x-cache: Hit from cloudfront
content-length: 537
server: Apache
etag: "7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 537748
accept-ranges: bytes
x-amz-cf-id: DlRRHG58LIi1Fw6BFNq4ZD96_x1KCGWgHi-g59NSUnff7bd-_IY7Xw==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/ Frame A2BE 549 B
1 KB 12ms
11ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:13:29 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 1209403
x-cache: Hit from cloudfront
content-length: 549
server: Apache
etag: "768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 78943604
accept-ranges: bytes
x-amz-cf-id: VS00bGk3BEjAPqKlSoAH1ui8TG_vEP-RW_W0GdsgXXrsFsmNiNRlBw==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619/ Frame A2BE 607 B
1 KB 13ms
12ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:09:21 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419650
x-cache: Hit from cloudfront
content-length: 607
server: Apache
etag: "58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4085926 4085815
accept-ranges: bytes
x-amz-cf-id: MJHNPH3HML_aOl0Oq-fS24EPI9rUYBE0oINl6J-kTzuZ6610dI5vFg==

GET
H2 200 ExtraHop%20logo_blk.svg
cache-ssl.celtra.com/api/blobs/1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39/ Frame A2BE 4 KB
5 KB 13ms
12ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39/ExtraHop%20logo_blk.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 06 Feb 2023 05:15:02 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 7419310
x-cache: Hit from cloudfront
content-length: 4545
server: Apache
etag: "1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 5425144
accept-ranges: bytes
x-amz-cf-id: 7NLzsvna6F583bN5HY7RMVN8RJhlMxz2OPEuUyDByqFzMuBT3203Xg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzMDc5ODExeGE1ODI4NzU1MDg4ZDc3eDc2NzkyODI4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NTUzNDI0NDI3NTk3OTc2IiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY4MzA3OTgxMS45NDUsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExMi4wLjU2MTUuMTIxIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjpmYWxzZSwiYWxsb3dOb25OYXRpdmVSQUZGb3JWaWV3YWJsZVRpbWVVc2VkIjpmYWxzZSwiY2xpZW50VGltZVpvbmVPZmZzZXRJbk1pbnV0ZXMiOjAsInN1cHBvcnRzQ29udGFpbmVyVmlld2FiaWxpdHkiOnRydWUsInN1cHBvcnRzQ29udGFpbmVySW5pdGlhbFZpZXdhYmlsaXR5Ijp0cnVlLCJ0YWdQYXJlbnRXaWR0aCI6MCwidGFnUGFyZW50SGVpZ2h0IjowLCJhbXBEZXRlY3RlZCI6ZmFsc2UsImFtcE5lc3RpbmdMZXZlbCI6IiIsInNhZmVGcmFtZURldGVjdGVkIjpmYWxzZSwiZmV0Y2hTdXBwb3J0ZWQiOnRydWUsImFzYXBFbmFibGVkIjpudWxsLCJuYXRpdmVQcm9taXNlc1N1cHBvcnRlZCI6dHJ1ZSwiYmVhY29uU3VwcG9ydGVkIjp0cnVlLCJJbnRlcnNlY3Rpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwiaXNNdXRhdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJ3ZWJWaWV3IjpudWxsLCJpc1dpbmRvd09wZW5OYXRpdmUiOnRydWUsInByb3RvTG9hZGluZyI6eyJkYXRhTG9hZFN0YXR1cyI6InN1cHBvcnRlZCIsImJsb2JMb2FkU3RhdHVzIjoic3VwcG9ydGVkIn0sInRvcFdpbmRvd0xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tIiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjI3LCJuYW1lIjoiZW52aXJvbm1lbnRJbmZvIn0seyJzZXNzaW9uSWQiOiJzMTY4MzA3OTgxMXhhNTgyODc1NTA4OGQ3N3g3Njc5MjgyOCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTU1MzQyNDQyNzU5Nzk3NiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2ODMwNzk4MTIuMTE3LCJuYW1lIjoiYWdncmVnYXRvciIsIm1ldHJpYyI6Im1vbm90eXBlVXNhZ2VSZXBvcnRlZCIsInZhbHVlIjoxLCJjdXN0b21EaW1lbnNpb25zIjp7Im1vbm90eXBlUHJvamVjdElkIjoiYzQ2ZWQwOTAtMzY3MS00MTYzLWE4NWItYjA2YjQwMzhhZTM4IiwiY3JlYXRpdmVJZCI6ImRmNmQ3OTdjIn19XX0=?crc32c=390999130
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.120.67 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 03 May 2023 02:10:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810968&de=887081167424&cu=1683079810968&m=1048&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1043&an=2&gi=1&gf=1043&gg=2&ix=1043&ic=1043&ez=1&ck=1043&kw=808&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1043&bx=2&ci=1043&jz=808&dj=1&aa=0&ad=941&cn=0&gk=941&gl=0&ik=941&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=808&cd=3&ah=808&am=3&xd=00&rf=0&re=1&ft=941&fv=0&fw=941&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339889189&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=7_fv179rrgf0i00000fv179rrgf0i00000fv1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_fv179rrgf0i00000fv179rrgf0i00000fv1&iq=na&tt=na&tc=0&fs=203238&na=1489820723&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810968&de=887081167424&cu=1683079810968&m=1048&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1043&an=1043&gi=1&gf=1043&gg=1043&ix=1043&ic=1043&ez=1&ck=1043&kw=808&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1043&bx=1043&ci=1043&jz=808&dj=1&aa=0&ad=941&cn=941&gk=941&gl=941&ik=941&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=808&cd=808&ah=808&am=808&xd=00&rf=0&re=1&ft=941&fv=941&fw=941&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339889189&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=7_fv179rrgf0i00000fv179rrgf0i00000fv1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_fv179rrgf0i00000fv179rrgf0i00000fv1&iq=na&tt=na&tc=0&fs=203238&na=1549905701&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/ Frame A2BE 579 B
1 KB 11ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 05:44:26 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10009546
x-cache: Hit from cloudfront
content-length: 579
server: Apache
etag: "adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1613829
accept-ranges: bytes
x-amz-cf-id: xvtdRAXSRNvmhnM2dzgk9iB3wT1Rb4qniauKmrqCLeGpDXbMQNpCeA==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38/ Frame A2BE 619 B
1 KB 12ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 01:05:17 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4237495
x-cache: Hit from cloudfront
content-length: 619
server: Apache
etag: "1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4957079
accept-ranges: bytes
x-amz-cf-id: _AFlxR0yu-8dnfXXJkZ1WdDrZJH5LsUr4JsRvSyvMF0v_pZ7363IpA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:18:33 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10529499
x-cache: Hit from cloudfront
content-length: 1211
server: Apache
etag: "726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 53688876
accept-ranges: bytes
x-amz-cf-id: 0ExEMkPcuxkqHdJqVkHTlyte-hegAlrDGFPxGIVIEmWf2VBOsG-oSg==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1/ Frame A2BE 1 KB
2 KB 12ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 19:18:15 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3480717
x-cache: Hit from cloudfront
content-length: 1269
server: Apache
etag: "4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 36441153
accept-ranges: bytes
x-amz-cf-id: DY3sEB_EZ6LwfOI1bPADq6-gdttAHAGAAM5QuHPRz8g_QMDckH2dyw==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/ Frame A2BE 499 B
1011 B 12ms
10ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 07 Jan 2023 08:11:27 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10000724
x-cache: Hit from cloudfront
content-length: 499
server: Apache
etag: "cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1947180
accept-ranges: bytes
x-amz-cf-id: H2Dwx4D0IdB_UPCxbaV0DOYSQQpft2Zncu-IBzz2Vp1FFnjDsofKPA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 27 Mar 2023 03:51:06 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3190745
x-cache: Hit from cloudfront
content-length: 537
server: Apache
etag: "7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34121827
accept-ranges: bytes
x-amz-cf-id: wz1oeteT0nGc6XVmDK-yDZ2x9vwDdqVBmcsVvKTyEVo70o6WefTpXg==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/ Frame A2BE 549 B
1 KB 13ms
11ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 01 Jan 2023 05:18:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10529498
x-cache: Hit from cloudfront
content-length: 549
server: Apache
etag: "768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 37829150
accept-ranges: bytes
x-amz-cf-id: AwYglwc40RyN6Xs1UKvvogiCWOu-z7aT-lFLN_4lzBcFusNiLFvtXg==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619/ Frame A2BE 607 B
1 KB 12ms
11ms Image
image/svg+xml 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 05:16:32 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2926419
x-cache: Hit from cloudfront
content-length: 607
server: Apache
etag: "58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2661896
accept-ranges: bytes
x-amz-cf-id: ZdHvrNB19Wkynugp1qDbGBs6fuL7ZeUB3eXVkpYDuqwnPYM95onuMA==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39/ExtraHop%20logo_blk.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 15 Mar 2023 18:44:07 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 4173964
x-cache: Hit from cloudfront
content-length: 4545
server: Apache
etag: "1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4853182 5088766
accept-ranges: bytes
x-amz-cf-id: 7G7w58VsZP-yltbwGcHXsgPYLccdYs2b1dO4JuFCSOqyMElbwa9Kyg==

GET
H2 200 Resource%201.jpg
cache-ssl.celtra.com/api/blobs/db604d55da929265d69c2f32fe2a91a7230b8ecdc153e720eb21ffc8b74ac499/ Frame A2BE 2 KB
2 KB 13ms
12ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/db604d55da929265d69c2f32fe2a91a7230b8ecdc153e720eb21ffc8b74ac499/Resource%201.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 80ab9eaaabffb044c1ed8f7516b98f5609d4a3670accdea1c7d833d4e6df4c4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sat, 18 Mar 2023 04:09:48 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3967223
x-cache: Hit from cloudfront
content-length: 1735
server: Apache
etag: "80ab9eaaabffb044c1ed8f7516b98f5609d4a3670accdea1c7d833d4e6df4c4c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 17963054 8462515
accept-ranges: bytes
x-amz-cf-id: G8AQ_jTNtqz00azWJ_KKhizRamfDkiS1UPGglKSLpQIB63ZafBiuXw==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/dec3f45cda8c5aaba657b0475adc818fc598ad34a56cc4bcffaa1a7496227d1e/ Frame A2BE 1 KB
2 KB 13ms
13ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/dec3f45cda8c5aaba657b0475adc818fc598ad34a56cc4bcffaa1a7496227d1e/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9482d083972b9b86d9467777ceafa143f366ce4a50068d66c93cc500e2589375

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 04:52:16 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3273476
x-cache: Hit from cloudfront
content-length: 1137
server: Apache
etag: "9482d083972b9b86d9467777ceafa143f366ce4a50068d66c93cc500e2589375"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 6697923
accept-ranges: bytes
x-amz-cf-id: bSJvoK488tzt9Ty38GSxq0dlLrV1MzVqGLLe15owlAVbIkutUEkCdg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c77aa41e0ca7649044f7b005b530d4016e509cc77ff966ebc2577c7a59e83948/role%20of%20ndr%20-%20image.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d99e971ca22c614d47663a5b5386ed9813dbcf481d8eedb075c3fbe98fe88f83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 22:54:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 2949324
x-cache: Hit from cloudfront
content-length: 115636
server: Apache
etag: "d99e971ca22c614d47663a5b5386ed9813dbcf481d8eedb075c3fbe98fe88f83"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2203819 2361644
accept-ranges: bytes
x-amz-cf-id: Zdtn_JMIiwtBwn26mJSRzjgByFKIQEVfJRLi4cAZfUG4FC1QQkKLOw==

GET
H2 200 iMac%20Monitor.png
cache-ssl.celtra.com/api/blobs/dc1b7f96742a9d2ff6f3390b898d6a697514f94304690eb220b0e63608c3740f/ Frame A2BE 120 KB
120 KB 14ms
14ms Image
image/png 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/dc1b7f96742a9d2ff6f3390b898d6a697514f94304690eb220b0e63608c3740f/iMac%20Monitor.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a41b66441a0e6ea6e4a35e9fc95c7c3c2b0563b259d324a117d69bceaf2b14b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Sun, 26 Mar 2023 04:00:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3276570
x-cache: Hit from cloudfront
content-length: 122417
server: Apache
etag: "a41b66441a0e6ea6e4a35e9fc95c7c3c2b0563b259d324a117d69bceaf2b14b6"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 11654204 33870271
accept-ranges: bytes
x-amz-cf-id: zOWzteLSdca74uDv4Yr_IKTHy-9tW_zBG6knu5GutKNa8xzlsTAmSw==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/99ada2299516b606f2d0db2dc6d77b64f1ed684fc9f7a990ae10e3e1da2e2942/ Frame A2BE 45 KB
45 KB 14ms
14ms Image
image/jpeg 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/99ada2299516b606f2d0db2dc6d77b64f1ed684fc9f7a990ae10e3e1da2e2942/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 297e37e51d40ad1b63ff11bf62ffdfe25f48deb12db44b75f0b33d10f6e05c36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 06:10:08 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3614403
x-cache: Hit from cloudfront
content-length: 45674
server: Apache
etag: "297e37e51d40ad1b63ff11bf62ffdfe25f48deb12db44b75f0b33d10f6e05c36"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 9601209
accept-ranges: bytes
x-amz-cf-id: 9-g0AS7PGPJh7RCFiaksf13PJwGCoL7mXkV0ujsUvkvaVhLZ2cgFmA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EAD 0
0 75ms
75ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuS0dhVB7AAiTRJFNRabh9o6xGWQK5RCz06GfSebq57fhWqxh_TjEcazhAr7tmkYkSS3qeNPOb9QGvvSxQhKGYfWypUy4xIMKGTmDLPOkZAGPbGVlu_LX1SQQLCFcqvNtS5oJ4D0OgP6J474JPEmaV7pHI6RlIihK1BF1RvN6X07-VwNG9QYPmMcWzN6DCA8w-kAZ2SGMnHFK7qXAEKMFncGbRLGDz4scIiF9WmQ4bcvkIYN79cG-ahEiJ-yeq-Ed2M9vMddxo2L27s1WHiJHPIIQ_h87c3SuSuvPzBFjDFojVKMyFAhjHEDaTF0A-EYaIS68Q5sWX1yAEhHnewzV_I8k9cLp0qDn2DTVxDBP0KEdHzFmPZ&sai=AMfl-YTDfn3SXQuelbTbNw2dVl3rKDnS_YGd77hmPkbrWm5UCkpEhVX7tg5cKGNJQzcHaDFi_IFIhLPqmsp9n7PwgEe2X76-B2ZA-LIaqj18-ZRgKTL_heZcoYIqrnFTTA&sig=Cg0ArKJSzGu6gkHHBoRMEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6489 0
10 B 37ms
37ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kMWGIA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:12 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjgzMDc5ODExeGE1ODI4NzU1MDg4ZDc3eDc2NzkyODI4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NTUzNDI0NDI3NTk3OTc2IiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY4MzA3OTgxMi4yMSwibmFtZSI6ImNyZWF0aXZlTG9hZGVkIiwidmlld2FiaWxpdHkwME1lYXN1cmFibGUiOnRydWUsInZpZXdhYmlsaXR5NTAxTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FibGVUaW1lTWVhc3VyYWJsZSI6ZmFsc2UsImNkblZhcmlhbnQiOiJub25lIn0seyJzZXNzaW9uSWQiOiJzMTY4MzA3OTgxMXhhNTgyODc1NTA4OGQ3N3g3Njc5MjgyOCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiOTU1MzQyNDQyNzU5Nzk3NiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE2ODMwNzk4MTIuMjM0LCJuYW1lIjoidmlld3BvcnRQbGFjZW1lbnRHZW9tZXRyeSIsInBhZ2VEaW1lbnNpb25zIjp7ImhlaWdodCI6NDA4Miwid2lkdGgiOjE2MDB9LCJ2aWV3cG9ydFBvc2l0aW9uUmVjdCI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJsZWZ0IjowLCJ0b3AiOjB9LCJmaXJzdFBsYWNlbWVudFBvc2l0aW9uUmVjdCI6eyJsZWZ0Ijo5ODgsInRvcCI6Mjk2LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjc1MH19LHsic2Vzc2lvbklkIjoiczE2ODMwNzk4MTF4YTU4Mjg3NTUwODhkNzd4NzY3OTI4MjgiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6Ijk1NTM0MjQ0Mjc1OTc5NzYiLCJpbmRleCI6NSwiY2xpZW50VGltZXN0YW1wIjoxNjgzMDc5ODEyLjIzOSwibmFtZSI6InZpZXdhYmxlMDAiLCJjcml0ZXJpb24iOnsibmFtZSI6IkNvcmUiLCJyYXRpbyI6MCwidGltZSI6MH19LHsic2Vzc2lvbklkIjoiczE2ODMwNzk4MTF4YTU4Mjg3NTUwODhkNzd4NzY3OTI4MjgiLCJhY2NvdW50SWQiOiI0NGI3NGIzNSIsInN0cmVhbSI6ImFkRXZlbnRzIiwiaW5zdGFudGlhdGlvbiI6Ijk1NTM0MjQ0Mjc1OTc5NzYiLCJpbmRleCI6NiwiY2xpZW50VGltZXN0YW1wIjoxNjgzMDc5ODEyLjI1OCwidW5pdE5hbWUiOiJiYW5uZXIiLCJ1bml0VmFyaWFudExvY2FsSWQiOm51bGwsInNjcmVlbkxvY2FsSWQiOjM4MDQ1LCJzY3JlZW5UaXRsZSI6IlJlc291cmNlcyIsInNjcmVlbklzTWFzdGVyIjpmYWxzZSwib2JqZWN0TG9jYWxJZCI6bnVsbCwib2JqZWN0TmFtZSI6bnVsbCwib2JqZWN0Q2xhenoiOm51bGwsImluaXRpYXRpb25UaW1lc3RhbXAiOjE2ODMwNzk4MTIuMjU4LCJuYW1lIjoic2NyZWVuU2hvd24ifSx7InNlc3Npb25JZCI6InMxNjgzMDc5ODExeGE1ODI4NzU1MDg4ZDc3eDc2NzkyODI4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI5NTUzNDI0NDI3NTk3OTc2IiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY4MzA3OTgxMi4yNTgsIm5hbWUiOiJjcmVhdGl2ZVJlbmRlcmVkIn1dfQ==?crc32c=4054759756
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.120.67 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Wed, 03 May 2023 02:10:12 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 user_timeline Show response
cache-ssl.celtra.com/api/twitter/statuses/ Frame A2BE 72 KB
73 KB 296ms
296ms Script
application/javascript 18.66.112.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/twitter/statuses/user_timeline?screen_name=extrahop&jsonp=jsonp_celtra_twitter_proxy_76368
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/vulnerabilities-threats/apt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-43.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: aae9542fc9f5596b8a571e4e260c54d9cf1a1dc30bef72fd3cd2eb3c2c1cd42d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:12 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 55107fc1be09ed1afcf3154ed9bd93cc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 0
x-cache: Miss from cloudfront
server: Apache
etag: W/"f8342a60e77ece3853edd271396634d8c91d4df69fad23aea1e9193fdc6ddca5"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=900
access-control-allow-credentials: false
x-varnish: 7457959
accept-ranges: bytes
x-amz-cf-id: uLOWP7ojwATRyEtA-2CrHGfLT_JvdIe2ckty7cW8CAaBF9GvbHI0Pg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810968&de=887081167424&cu=1683079810968&m=1049&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=3824&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1043&an=1043&gi=1&gf=1043&gg=1043&ix=1043&ic=1043&ez=1&ck=1043&kw=808&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1043&bx=1043&ci=1043&jz=808&dj=1&aa=0&ad=941&cn=941&gk=941&gl=941&ik=941&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=808&cd=808&ah=808&am=808&xd=00&rf=0&re=1&ft=941&fv=941&fw=941&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339889189&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=7_fv179rrgf0i00000fv179rrgf0i00000fv1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_fv179rrgf0i00000fv179rrgf0i00000fv1&iq=na&tt=na&tc=0&fs=203238&na=1951752667&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 13ms
12ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810898&de=491665159743&cu=1683079810898&m=1394&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=54&vx=54%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1389&an=1109&gi=1&gf=1249&gg=1109&ix=1249&ic=1249&ez=1&ck=1109&kw=856&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1389&bx=1109&ci=1109&jz=856&dj=1&aa=1&ad=1263&cn=983&gn=1&gk=1263&gl=983&ik=1263&co=1263&cp=1111&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1111&cd=856&ah=1111&am=856&xd=00&rf=0&re=1&ft=1263&fv=983&fw=983&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138423709163&bo=22316126855&bp=22339889189&bd=300_2v&zMoatPS=300_2v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=14_mh3qacc94e000000mh3qacc94e000000mh3&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=14_mh3qacc94e000000mh3qacc94e000000mh3&iq=na&tt=na&tc=0&fs=203238&na=1438631143&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810968&de=887081167424&cu=1683079810968&m=1326&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1322&an=1043&gi=1&gf=1322&gg=1043&ix=1322&ic=1322&ez=1&ck=1043&kw=808&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1322&bx=1043&ci=1043&jz=808&dj=1&aa=1&ad=1220&cn=941&gn=1&gk=1220&gl=941&ik=1220&co=1220&cp=1044&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1044&cd=808&ah=1044&am=808&xd=00&rf=0&re=1&ft=1220&fv=941&fw=941&wb=1&cl=0&at=0&d=5134346611%3A3110972346%3A6157543105%3A138430455658&bo=22316126855&bp=22339889189&bd=728_1v&zMoatPS=728_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=7_fv179rrgf0i00000fv179rrgf0i00000fv1&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=7_fv179rrgf0i00000fv179rrgf0i00000fv1&iq=na&tt=na&tc=0&fs=203238&na=1983552877&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810944&de=456445247209&cu=1683079810944&m=1553&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1089&an=43&gi=1&gf=1089&gg=43&ix=1089&ic=1089&ez=1&ck=1089&kw=927&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1089&bx=43&ci=1089&jz=927&dj=1&aa=0&ad=988&cn=0&gk=988&gl=0&ik=988&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=927&cd=85&ah=927&am=85&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=47466260&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810944&de=456445247209&cu=1683079810944&m=1554&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1089&an=1089&gi=1&gf=1089&gg=1089&ix=1089&ic=1089&ez=1&ck=1089&kw=927&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1089&bx=1089&ci=1089&jz=927&dj=1&aa=0&ad=988&cn=988&gk=988&gl=988&ik=988&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=927&cd=927&ah=927&am=927&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=2052819278&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810944&de=456445247209&cu=1683079810944&m=1555&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1089&an=1089&gi=1&gf=1089&gg=1089&ix=1089&ic=1089&ez=1&ck=1089&kw=927&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1089&bx=1089&ci=1089&jz=927&dj=1&aa=0&ad=988&cn=988&gk=988&gl=988&ik=988&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=927&cd=927&ah=927&am=927&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=2105489998&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 7ms
7ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=4&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fvulnerabilities-threats%2F-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=750&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079811045&de=152386911438&cu=1683079811045&m=1550&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=0&ag=32&an=0&gf=32&gg=0&ix=32&ic=32&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=32&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=63&cd=0&ah=63&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4954976792%3A3133733458%3A6194459167%3A138422087851&bo=22316126855&bp=22339889189&bd=300_1v&zMoatPS=300_1v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=13_ogmi35oboqd00000ogmi35oboqd00000ogm&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=13_ogmi35oboqd00000ogmi35oboqd00000ogm&iq=na&tt=na&tc=0&fs=203238&na=1602824328&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H2 200 BciKAcWg_normal.jpg
pbs.twimg.com/profile_images/1542988686467379200/ Frame A2BE 2 KB
2 KB 65ms
11ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/1542988686467379200/BciKAcWg_normal.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 -, , ASN (),

Reverse DNS

Software

ECS (frb/6713) /

Resource Hash

1fcb9ed4284d7fb39a42caa31dbac95eca9eba655190ccb6f3b71d866a7b7efd

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 02:10:12 GMT
strict-transport-security: max-age=631138519
x-content-type-options: nosniff
age: 128896
x-cache: HIT
server-timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length: 1807
x-response-time: 116
surrogate-key: profile_images profile_images/bucket/9 profile_images/1542988686467379200
last-modified: Fri, 01 Jul 2022 21:47:04 GMT
server: ECS (frb/6713)
x-tw-cdn: VZ, VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
x-transaction-id: faf3c3674b3ffdf8
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
perf: 7626143928
x-connection-hash: 5c49bdd48e5aa12a6841704822cf627a1cab5ab53d5d5b85cd1d1a6593bc6539
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
9ms Image
image/gif 2.19.229.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&pxm=6&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=PENTONMEDIA1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BO%24%3D!!tix%5Bh3MIJz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-OvWxB7OK%2BwMZCsQp2ax40sFhAG%2FDSrOcT3YuPDeRPzCKpm2EJ4UuS02eAlwWxmRnpyWz&rs=1-PnpNn7leOPQ59g%3D%3D&sc=1&os=1-1w%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=62&w=248&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&id=1&ii=4&f=0&j=&t=1683079810944&de=456445247209&cu=1683079810944&m=1757&ar=81c6b5a9873-clean&iw=1699ba1&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4082&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A688%3A1168%3A3912%3A705&as=1&ag=1292&an=1089&gi=1&gf=1292&gg=1089&ix=1292&ic=1292&ez=1&ck=1089&kw=927&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1292&bx=1089&ci=1089&jz=927&dj=1&aa=1&ad=1191&cn=988&gn=1&gk=1191&gl=988&ik=1191&co=1191&cp=1131&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1131&cd=927&ah=1131&am=927&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5199639540%3A3155635106%3A6225713667%3A138427734065&bo=22316126855&bp=22339889189&bd=welcome_v&zMoatPS=welcome_v&gw=pentonmedia53440730609&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339889189&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339889189&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tz=div-gpt-ad-welcome&iq=na&tt=na&tc=0&fs=203238&na=958506890&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.229.113 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-229-113.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 03 May 2023 02:10:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 03 May 2023 02:10:12 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202304270101&jk=1430801062654478&bg=!lpWllcHNAAYcDqajPA47ADkAdvg8WnXtzBd9Q_OgoLX-ryatHKgZnOBAbJyy2vdn9GeXZ2tsLt1UydTq_3DEjQHSVg4PCCFtqOsCAAABK1IAAAACaAEHCgCdVw4SBAZUWMakBS-un6oVhLVJVLCAELxJshU1WqgQdy-_85KoKuQKJ_XcpW8q0CGQ5dCBPHKs64Jl_pIfzvH-AEjHu0k_5ed34wSHzs-Ja_xIaVd1UfiTuTt11hMPFnABQbB0QGyH5O3CA8SV3BpTsRmR1139yC92YR682lntMZa2aWLmAK8qGBAidZw7QJeHA-7Ps-a8dqV12IXEQJkC7aSuY8ff2wi8eobpmUbTHiVm0X9tmee0l82qnB-9ede1l8bok_5nBFgh-EVdXSti05N9kssV8AQanK3tkBlUhCGdqxCNhr-qsRJZ4AEbPDYRets1m_TGuSIwS2mR87IgppJkIVD4jlRNIj3DHqdeG2fL0EhyY29CnRCxfC_NVslIcxkfA7JPY7veXj51SM9xX_nKf4sYo6gvetSzJKz_bUn5dbG_Kv-fYsj8I0guqT9IMENJ3pgUUMX0XigzrtQ7lNkWZmxVD2f5HHsef7mROzEekdM006jQRwpDo0nSILxC8N8yvorjTuKVZXRjQM9STlli-tF7GMC_IicXudkJkyCdhwC9zoBFEoTVNQyaKYDJ6XmHsl1NNyu1bdw1-q0WNAiDUQ4OhHlqXppMyb9yKilJzdQivmf6vvVFor4bGJDCboiplaxrUL49xCbAZAFYRsV51jkCg2l11_eJbnIo2SDaHmYtOUA-PMAqohVrha20VKCdimeaCjU_XdHXlQ_qDdnnrFNzqyuSCqa9joCpf0ozCvo-58H-WTLwTGEB5zarRRJiEHSCW1toGpsOmIlxmzxczXyCjC_N7QJs2GJ0iBWYQQt5PNepSyB1x0ftc-8jMcE5RyBz8kwew5gZBnq9Radlm91sF3ntV-Cf_wL5UOMRzru7c1rTwDF3SBhNuTfeeyVOeBSSKiPF1ZClwnlJrw4x40yi6l4eWtwnH8arPRceKAecNEgaG5QQJJphGWvDbMFZT8kAMClDIktukGGOMK8cB1ZJwc87xKXIqMCKS_dISnLFFTq1pPJ1iB0Ml5GVffadGUkqvoMBC9MZAzNcshxPtHNUX9T-vwF-hG4hdSdKd34irx5WvtM95GXI7NKcXh_DOnLChhZ33DbLF3TWKksM5rrvlyXz-8jTCt3xnnLdNe07HErxSEeRtaHlZLjMB-qiPVIxmZXC9Dp1ncjIHFO2PYiYkw-Nm9vRPYmRNqRgm9vZekeEYCkuW_6u
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 13:40:55	Name: _gcl_au Value: 1.1.152501872.1683079808
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: pTTNUJiRbvg
.youtube.com/	1970-01-20 15:50:31	Name: VISITOR_INFO1_LIVE Value: 3aAPzREbKxg
.darkreading.com/	1970-01-20 15:50:31	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+May+03+2023+02%3A10%3A07+GMT%2B0000+(GMT)&version=6.39.0&isIABGlobal=false&hosts=&consentId=65d6c538-4f63-4233-b20d-99324de70847&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fvulnerabilities-threats%2Fapt41-subgroup-plows-through-asia-pacific-utilizing-layered-stealth-tactics&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 21:00:07	Name: _cb Value: BndqxIBASkTaBjw65L
.darkreading.com/	1970-01-20 21:00:07	Name: _chartbeat2 Value: .1683079807659.1683079807659.1.Cl6-ayCcgF0kD7qd17Bnt7zNDXxr4h.1
.darkreading.com/	1970-01-20 11:31:21	Name: _cb_svref Value: null
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.darkreading.com/	1970-01-20 21:07:19	Name: _ga_1X1EHQ3PFR Value: GS1.1.1683079807.1.0.1683079807.60.0.0
.adnxs.com/	1970-01-20 13:40:55	Name: uuid2 Value: 8173631857864348275
.darkreading.com/	1970-01-20 13:43:40	Name: _gaexp Value: GAX1.2.0yXzgh3iSjOeRpygmZwteQ.19572.0
.darkreading.com/	1970-01-20 21:07:19	Name: _ga Value: GA1.2.601600176.1683079808
.darkreading.com/	1970-01-20 11:32:46	Name: _gid Value: GA1.2.193003425.1683079808
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: eabaa70c784e8aa293613f3c73ee3ebc960a2b4d302cf58a9292fce6b7193756%7C1b5ce72b886bba1d3f073f8f7d9554e41acfdf0dc93f80aeda984ee2d94bc2d7
.darkreading.com/	1970-01-20 11:31:19	Name: _gat_UA-135180592-2 Value: 1
.darkreading.com/	1970-01-20 11:31:21	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 21:07:19	Name: _sp_id.94c4 Value: ffe881f7-1f1a-459a-98cf-60b6f5fdc1cc.1683079808.1.1683079808.1683079808.e45b27ca-12d1-4551-9af6-5bd8e503ce63
.darkreading.com/	1970-01-20 21:07:19	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 21:07:19	Name: _td Value: f41e4aee-ebf1-45f8-b274-1633340d4c5c
.darkreading.com/	1970-01-20 20:16:55	Name: _hjSessionUser_2610568 Value: eyJpZCI6ImYyNTBmNmYyLWViMDgtNWQ2OC05ZjcxLTE1NWFkMmE1Y2U5NyIsImNyZWF0ZWQiOjE2ODMwNzk4MDc5MDIsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:31:21	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 11:31:19	Name: _hjIncludedInSessionSample_2610568 Value: 0
.darkreading.com/	1970-01-20 11:31:21	Name: _hjSession_2610568 Value: eyJpZCI6IjA0ODhjMTg1LTRiZjAtNGEzNS05Zjc2LTA2N2FlYWY4ZTFkMiIsImNyZWF0ZWQiOjE2ODMwNzk4MDc5MTEsImluU2FtcGxlIjpmYWxzZX0=
.darkreading.com/	1970-01-20 11:31:21	Name: _hjAbsoluteSessionInProgress Value: 0
.in.treasuredata.com/	1970-01-20 21:07:19	Name: _td_global Value: ec2a47b6-27b7-4a6b-838d-d26147410411
www.darkreading.com/	1970-01-20 11:32:46	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.darkreading.com/	1970-01-20 20:16:55	Name: sp Value: 75dc57f3-c901-4dc9-9699-425261883001
.darkreading.com/	1970-01-20 21:07:19	Name: mbox Value: session#6101c04463f145c0aa63fcbd6be2f002#1683081669\|PC#6101c04463f145c0aa63fcbd6be2f002.37_0#1746324609
.darkreading.com/	1970-01-20 11:31:21	Name: mboxEdgeCluster Value: 37
.dpmsrv.com/	1970-01-20 21:07:19	Name: dpm_pxl Value: 6ed4781cb921c9beff7f3e35baa7aaa7a87a368c
.dpmsrv.com/	1970-01-20 21:07:19	Name: dpm_pxl_aid Value: 8173631857864348275
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 20:52:55	Name: IDE Value: AHWqTUlfNs8BZIv66S3V4ADI0iLVSJ7WEnS2mNA4Y9v63YYUm8nNiqLeNrMHMVnDIn0
.darkreading.com/	1970-01-20 21:03:00	Name: ELOQUA Value: GUID=BFBC314441A441668F2E290BF9EA2E80
.darkreading.com/	1970-01-20 20:52:55	Name: __gads Value: ID=ba154b27009860c1:T=1683079810:S=ALNI_MbBeVHyehWTs5ZrYXYT9-t2ImQ6AQ
.darkreading.com/	1970-01-20 20:52:55	Name: __gpi Value: UID=00000bf4f89fe048:T=1683079810:RT=1683079810:S=ALNI_MYeaHachKZW3avQk0tF20LKl8UBrg
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.004

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=8173631857864348275 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a.teads.tv
ads.celtra.com
adservice.google.com
adservice.google.de
assets.ubembed.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
e77b565d31e7ba8355af7c955798b512.safeframe.googlesyndication.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
geo.moatads.com
geolocation.onetrust.com
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
in.ml314.com
js-agent.newrelic.com
ml314.com
pagead2.googlesyndication.com
pbs.twimg.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
107.23.141.241
108.138.17.119
13.32.99.16
13.32.99.18
13.32.99.33
142.0.173.15
142.250.186.130
151.101.1.131
151.101.194.137
151.101.2.137
18.66.112.43
18.66.97.53
185.221.87.23
185.89.210.101
2.18.232.7
2.19.229.113
2.19.229.28
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
23.37.51.81
2600:9000:2057:6200:18:1fcd:351:7bc1
2606:2800:134:fa2:1627:1fe:edb:1665
2606:4700:4400::ac40:9062
2606:4700::6810:3865
2606:4700::6811:190e
2606:4700::6811:7763
2606:4700::6811:7863
2606:4700::6812:bcf
2606:4700::6813:bc61
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9b
3.214.24.142
3.220.216.226
3.69.12.150
34.111.234.236
34.249.239.219
35.170.120.67
35.244.174.68
52.222.236.122
54.224.217.157
79.125.102.197
02476ceba7117f923e93d6dcef920895dc81d5745ed6dc429b1c0497306e3956
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
03c8ef299748fad241484cddf509b6e90b394949882a72f9174dc97da671f151
04183289430803326acd6b1535457d8196284cb67186adb767c506c8c69a0fb1
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
08c083e2baf002fa5309ea1cd09424bf01644500dbb60828f6f28e4a61f7d0a6
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d4a5cec9519f904cfa8df4b77b1fe8172d3a0fcacff6b078154d8aa539b0827
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0e198a2d521948c31a85eff04b881542d8b31d8b5824f900a950ea34bf5ef811
0ecf52614cfcf19d9e54f6315e8469693c03fc619115da7ce952bd4257b76f03
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
1233d721917f7d6b0cb2ef684806bb7337e1101a736c33b09f23ff7130ea37ed
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12e4d2fe2097908929be5b001e7fcba335c91f499c8958b0582b2d60ea3d5c0f
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
1552ddfb5eb259885e6033144c66ba9889fee3d3a0705dbf926e7c5ece7fff38
16a2fcf59eb7e6f04fe15ad2b13cff5fd8813a3267e7f4c57fdf16d35470f5d8
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1c72d04766e1b42b2a74d00e59eec97dc37a16b8431bad584b710db510670d39
1fcb9ed4284d7fb39a42caa31dbac95eca9eba655190ccb6f3b71d866a7b7efd
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
297e37e51d40ad1b63ff11bf62ffdfe25f48deb12db44b75f0b33d10f6e05c36
2adfabdca47e7ea3ca23597e24f6415dea9842d97159920b12d55796273b50f0
2e148dc38c607c46ee93288de29ed52a24bd5f32fd2ad5a22e433bf92aba9de4
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870
30caa0bd9da9af61b40c5c9a1d09547a8f118010ebe75f689d1b757c17614a3d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
332be8338c36d31c73519e17af7df81c34188319ba032325031df6ad299fac1e
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
34b42c5ce546b40a2037bbf09f55aec26f58c287ca2a8ffa63c7e49706cc7132
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
3558c7125539d656f9748385188b6fe8c5e4d2fbeb917dbec2d7e35cae796862
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
376b375ec61eede75153d58bef2bc31f6903ce677eeb3bdf048a384c3f884331
3877d41650a514a8d5ac7b902c21deb8875eb1459ecd1dcb7e02fb3bb2a3f722
389d923e6539ba315a204b05da03241c4c006e33df5db111a32dc797fa654308
39132fc0de70f649a5d3a455a87f0808579e01f0dac763feca8491ba11a361e6
3a6fa14cfa3cdcf85341187d29abcda5038766aab39a879ea09d993d5423d1ce
3ac783c64400e0429ae3b8c235204473347ca03aa0dfe7c94c43fbbbcc2bec1d
3d847022b4855577f07071ade28e6ffba86c014283f02fbba7d326690b157ee9
3dd230495afe1edb4b962cf4491730bc2cab7a74be3d93944e43c81ba732e520
3e5c2056e0496975b86f46eea89cf5671eb9744987ff00293dd37252ec9e63dc
41ef81d6f571298e0209e804b325b90b9ae06f8cbfe65f942536552e496caceb
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
42a69348bb53b155c5d4fa084e826b2ca4f80cdcd131455fe33c8ab8b1f32ddc
437ddb01d19265be7d4a89211c8fc3d8a00b14287ca788f018bc3f379ee2efd3
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46989843cf6db9b279fe42b1ad1f76e09e30eabc768be16ea6c6bb2f94c67883
4ac5125d9e6282058927575b3a1bac5c31bf9e010e156c9b8be7220f7d4d61f1
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4ca2039a328b8430658284ee603ab8b1a8554e7e35afae2a094ea9838af9f60e
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
51e416712f2a66c0f2abf8fc2ea4d86df45109a57406156a6ebec14c8138d626
53350e307f02d76f2b5b69ad7ec7f53e6d32e84d2718f03ddd4b8fcd752f454b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
57a8f70f885309f74a5a904d5989111601ebba64f7a758058d7631673d74ef96
57fe8d28cca4c533612d2672befd03a270ce5b11102e3e483bd2b96c7baf8136
584e18559bbb004441536d357452aa863692edb0be74bb1ebc53cfad23b2ef44
58e73e4948d9c7c32021729a196556f59eef27195229490af474f4a40e037619
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6184eb300e83dd7719838348d97bfb34247647feb2923bee66c94ab0174cca8e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
630558d3404078c9d67241863742de65a866b23d70c314cd1f26169b2b3d7fde
631bee91a3474e98f04cd3b27892f2ec20400e9ade7d3d5856fd90363b3425f9
64768da24081dae0a70c887a5df583e07d2c0d9103b29122fa7225f3e65a33b6
66195863737f757919b892f6ca9cba149b964fe24cf653ac0df066ea6e610d3e
663b4b1099eec28e06c7a52760f4a825fa6019b34d80c167707222cbe22c0f83
675bffd297e39d40cdda2a763e1c9eb6ddca95de192f33f52a924e47f9e099de
67f99ac35e1f837e5571b596248acd66df2dddedb17e20ba4527c825ec957ced
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6b8627232387981d31ff15f8ee92e706bc550acd37bbddfa9072c0fa61118c7c
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
6f2731b7ddbfae256839a740f6dda68ec6e67a4cf1e62a8ed4ffce75a589d16d
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
726157d753ed650622c3de8047126cb298f7a55302abcd5169dbedd660dab44a
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
768c6797a6ffb5f2ea191ffded4131ae7c83f3a3d22d3afa5daf1254c0c70bbe
7a2d130d856e259df45172119aa265effcbd33db967bde0a0b43db2c1ecef614
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7d32d986efea23aa237240bb8c937ec1370e781e7561b80a04202ab7fa95454c
7df0d18e6174b50b7fabed5713eb475cca055943d92809a31e85f45329d9e5e6
80ab9eaaabffb044c1ed8f7516b98f5609d4a3670accdea1c7d833d4e6df4c4c
810089696e5655d5d4c98fde5a9a82da1af87500456fde63ee30845a787f891e
81d50aff02889109dbd93d915814d4b8cabd50d108b081827416f8d5dfb8f87d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
89ace38a0038ccf388c8c29d714f512a6fdcfd580f1fdebaacc050bc29b109e4
8b95abe7fc24dcfcb2a39ba7887760551af01a59b680371c08bf45be52f5fdb6
8c01620cc643e8a19f0955ec8ac6aad41ada99655090013fa3f2ce98bb2a2a5e
91fbb7a9babc1b566b3614f14b9e8c673d8e5a471cf63cdab2e6f6ec8bcf212e
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
9482d083972b9b86d9467777ceafa143f366ce4a50068d66c93cc500e2589375
95acae2f09aade3741b93610c62777fc196201e055a5ade1cd3b2690fcdd2be1
981a6fc6c212bbebf95cb8ba05a6cf43caedfdc678afe6b9ec26085b500d57ae
9c52fb85b7798d62e60aee232ae9b2a224c88d52cd6405bac28a3a2a18d11642
9c67112b5f8d340c888c5e8c90bec42c1676d9af06f0c78711c29aa4aa23590d
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9dff15c6576770a67939c29928d8e31ff30ecc041354b5eecacc82bbe51aafa2
a41b66441a0e6ea6e4a35e9fc95c7c3c2b0563b259d324a117d69bceaf2b14b6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7fb30561d8467c6f0ccce6a2c156e1d241abe05efd7aee22ec3f2f0952bee58
a8b05c68229751e6975553a4f9000ed8abd9c1a4e7aa4e56f4ef3eaf375265a7
aae9542fc9f5596b8a571e4e260c54d9cf1a1dc30bef72fd3cd2eb3c2c1cd42d
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
adbd4dd590300081e85e79620feb4ef2099545eb351826a0c485b5a8925f5a42
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
bc8a0e96b413df5d3b36e7a337062bebc617c73ba48c990545f5ee5bb1304eb6
bdd688b20a1a33d20762bcc5881e93f6a479577694270cc4d7e453725ee15019
be5f099a5361b1b0cf95c08d4f30774a6c9a32371fc8c236b0857764f1ef1baa
c56908853e84671cdc69e97187adf97d35b1f7d446e67c0ff57e86cfff0ff437
c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01
c95c0994d62d97c528e8e239fd9b65b87e9a85719437051a37e2946f20455587
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
cb2778bbe6a181131e60639b0dbbea7a49696c20204cccb14fd13aca26b53190
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0a877beb2eb03dba0c3835a4677185e51b39bb0dd1c869c8606471e4b3a4dca
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d6fb52a1c6c89ce89a590a52e7caa21e0f9dca798ac335c2c3f08a96ce71532e
d8d41783702d7bb7a7a9c548b151903859eb90a32d29eeaa3487a7937611a27f
d993d894f9713b3d26ccd12fb9bfdd84e48131d1eef5d20d41f1cdc7bcc9c00f
d99e971ca22c614d47663a5b5386ed9813dbcf481d8eedb075c3fbe98fe88f83
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dcef0a2eb37a3d8e32ddf11f664b3375a06980cf33792aa7bfb798b15cb646d1
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de037885f3473318639a54e9be6972cae629c5078361ae33520c616e07dad1bc
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e1e779400a82dc66165854384cab22bed09762f0d1b9d5e0da2a31563adb740c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e545f7cba21b3b1d476c0c498825825ea90c49fb0d06a237f6d62d9bde0b9b98
e54f6dd45ddca0b2de26ce3ba1622eb755f28fd5c4a36b4cc95ee1df44430c05
e60eac0f2636af6308d91526e82dff118e961332236bbe87a134f7e5d0d5037e
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f65f126b410244bdb82fcf54cf53ec3a651bbda9b055845a5f3bcfe279527ce6
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa0508572bc08a5cde3bd8041250e70364fec655c6513e73cb8dfb6a040f8c8b
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

www.darkreading.com Open in urlscan Pro 2606:4700::6811:7863 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

246 Requests

98 %HTTPS

48 %IPv6

36 Domains

56 Subdomains

53 IPs

6 Countries

5109 kBTransfer

12710 kBSize

39 Cookies

47 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6811:7863 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

98 %
HTTPS

48 %
IPv6

36
Domains

56
Subdomains

53
IPs

6
Countries

5109 kB
Transfer

12710 kB
Size

39
Cookies

246 HTTP transactions
10 data transactions