| www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/&ved=2ahUKEwjlqPXo9caFAxWGElkFHc-_BkUQFnoECBAQAw&usg=AOvVaw1J1DEOg1iQ9FiWb8ypkapB | 142.250.74.164 | | 417 B |
URL www.google.com/url?sa=t&source=web&rct=j&opi=89978449&url=https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/&ved=2ahUKEwjlqPXo9caFAxWGElkFHc-_BkUQFnoECBAQAw&usg=AOvVaw1J1DEOg1iQ9FiWb8ypkapB IP142.250.74.164:0
File typeJavaScript source, ASCII text, with very long lines (636) Hashc0e5e5935c28878323b24e5da2b28ea8 3ef821aaf24a5cb797bd0ac1e25f1fa7e76f920c 824143a33ecf727d39a1c4403023441369f90007e5a1381f96736c007636897d
GET /url?sa=t&source=web&rct=j&opi=89978449&url=https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/&ved=2ahUKEwjlqPXo9caFAxWGElkFHc-_BkUQFnoECBAQAw&usg=AOvVaw1J1DEOg1iQ9FiWb8ypkapB HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: SOCS=CAESHAgBEhJnd3NfMjAyMjA5MjktMF9SQzEaAnJvIAEaBgiAkvOZBg
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 14:18:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-uA12p_GG_ofnOw0K2BlTDQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-encoding: br
server: gws
content-length: 417
x-xss-protection: 0
set-cookie: __Secure-ENID=19.SE=YIVwrtaQo9pBipFbZPyVoSbxanrVrjmt2jRFK_A4gkVm6gLo1TDZZTxJ4DzxVQTeSjtzT_rs6YNhYGNJL7WbudU8e7G5d710YiqUB5D4nG7A7xilNEu1SD-kni6_rrIPjRAqRbP_tOpuXUcSeWgc_p3yFpYkycW6Y7kpOXOGnMjoalk; expires=Sat, 17-May-2025 06:36:26 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=lax
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| perception-point.io/wp-content/uploads/2020/03/lineto-circular-bold.woff2 | 141.193.213.21 | 200 OK | 35 kB |
URL GET HTTP/3perception-point.io/wp-content/uploads/2020/03/lineto-circular-bold.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 34960, version 0.0 Hashda46404a5ff7625aca912f9292d31a6a 4bf839a6ec7bd3fa3cfb0496a84bf21eae1909a0 23e71bdfef13622d0d52b2b4b7ed3c1edb9e81f210692130dee9a521e97d062f
GET /wp-content/uploads/2020/03/lineto-circular-bold.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 34960
last-modified: Tue, 25 Apr 2023 14:13:12 GMT
etag: "6447dff8-8890"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1708758
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d3d56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 | 141.193.213.21 | 200 OK | 78 kB |
URL GET HTTP/3perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 78196, version 331.-31261 Hashe8a427e15cc502bef99cfd722b37ea98 a9922842a120a7f1eaced667480c5e185a106d69 d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 78196
last-modified: Mon, 08 Apr 2024 07:51:18 GMT
etag: "6613a1f6-13174"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d3c56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 | 141.193.213.21 | 200 OK | 13 kB |
URL GET HTTP/3perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 13276, version 331.-31261 Hashf0f8230116992e521526097a28f54066 0447c6b10bbf73f97b23dcfd6e6a48510822cb6e 8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 13276
last-modified: Mon, 08 Apr 2024 07:51:18 GMT
etag: "6613a1f6-33dc"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d3856b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 | 141.193.213.21 | 200 OK | 82 kB |
URL GET HTTP/3perception-point.io/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 81612, version 1.0 Hashb4d6b90f14c0441aac364e194978408e 142696d43851c8eba0f54c7b94c5f6ebd09703e6 6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
GET /wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 81612
last-modified: Mon, 08 Apr 2024 07:51:18 GMT
etag: "6613a1f6-13ecc"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d3056b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf | 141.193.213.21 | 200 OK | 4.8 kB |
URL GET HTTP/3perception-point.io/wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, ratemypost Hash5772d7b0d9851e23e062eafadaf7729f c774ae6a5da5dd14342db3281735dc2812da1d3d 40d4cb30d26c1301383bc7445dd80bf4e3279374d2ff74c771aa4c3db182358f
GET /wp-content/plugins/rate-my-post/public/css/fonts/ratemypost.ttf HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: application/octet-stream
content-length: 4824
last-modified: Sun, 24 Mar 2024 07:41:38 GMT
etag: "65ffd932-12d8"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d2d56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/uploads/2020/03/lineto-circular-black.woff2 | 141.193.213.21 | 200 OK | 36 kB |
URL GET HTTP/3perception-point.io/wp-content/uploads/2020/03/lineto-circular-black.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 35512, version 0.0 Hash44e65ad5464db028c282f3e79cd6441e db6d310c4c7e5538bc7e628e0f1232c7b2663945 a8002849ea799a4dcf1be0b1abe0f010991cbae508f24f62e9ee0262590197eb
GET /wp-content/uploads/2020/03/lineto-circular-black.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 35512
last-modified: Tue, 25 Apr 2023 14:13:13 GMT
etag: "6447dff9-8ab8"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda10d3f56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/axe-web-blocks/perception-point/header-pp/templates/images/search-icon.png | 141.193.213.21 | 200 OK | 374 B |
URL GET HTTP/3perception-point.io/wp-content/axe-web-blocks/perception-point/header-pp/templates/images/search-icon.png IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash1982cf6b80f00df06900f775623c27b7 949b172cae7f5659399dc166c89cdf1b76083011 daff235c7c86d88d8ab32e0a6664b796d9d3c730519ed7470dd3d9d21e07f922
GET /wp-content/axe-web-blocks/perception-point/header-pp/templates/images/search-icon.png HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: image/webp
content-length: 374
last-modified: Sun, 31 Dec 2023 11:47:22 GMT
etag: "659154ca-176"
expires: Thu, 27 Feb 2025 10:20:38 GMT
cache-control: max-age=31536000
vary: Accept, Accept-Encoding
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1192006
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda1ae2556b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/uploads/2020/03/lineto-circular-book.woff2 | 141.193.213.21 | 200 OK | 31 kB |
URL GET HTTP/3perception-point.io/wp-content/uploads/2020/03/lineto-circular-book.woff2 IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 31348, version 0.0 Hash31ecf4807ac55a882fc8fd7c6e07d6f9 229d886e2db50b5092b3aeff0b37d43930b53743 2482d39f8d8a1045efc613b32102fdb5cb9a1b6ff291397b62d852a0b0ee648f
GET /wp-content/uploads/2020/03/lineto-circular-book.woff2 HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: font/woff2
content-length: 31348
last-modified: Tue, 25 Apr 2023 14:13:13 GMT
etag: "6447dff9-7a74"
cache-control: public, max-age=31536000
vary: Accept-Encoding
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda11d4356b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/axe-web-blocks/perception-point/footer/templates/images/footer-lines.svg | 141.193.213.21 | 200 OK | 1.5 kB |
URL GET HTTP/3perception-point.io/wp-content/axe-web-blocks/perception-point/footer/templates/images/footer-lines.svg IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash2490a427afd155c0e301369a369eeb4b f409e20e77b7828e685f7b8c75b3617f801a7dc2 c97032e475783c4af9f0ebf51d48825015afa765609d65e43c3a4572414ff0b4
GET /wp-content/axe-web-blocks/perception-point/footer/templates/images/footer-lines.svg HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Mon, 08 May 2023 14:02:58 GMT
etag: W/"64590112-6df"
cache-control: public, max-age=31536000
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 4160922
server: cloudflare
cf-ray: 8754cda1ae3c56b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ | 141.193.213.21 | 200 OK | 66 kB |
URL User Request GET HTTP/2perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeHTML document, ASCII text, with very long lines (53889) Hash1428f47cbe36b305c1e15704d2dd308f 0e3b01a1db7580f9b413180e0d92191f027b81f8 7462e2d2982a9c1f17361663d18c09489d21c9773b4570400ab109cac8575bf4
GET /blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.google.com/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 16 Apr 2024 14:18:11 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-security-policy: frame-ancestors 'self'; object-src 'none';
referrer-policy: no-referrer-when-downgrade
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
link: <https://perception-point.io/wp-json/>; rel="https://api.w.org/", <https://perception-point.io/wp-json/wp/v2/posts/34935>; rel="alternate"; type="application/json"
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA; path=/; expires=Tue, 16-Apr-24 14:48:11 GMT; domain=.perception-point.io; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 8754cd8e1d6256a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| perception-point.io/wp-content/uploads/2023/02/perception-point-logo-min-300x113.png.webp | 141.193.213.21 | 200 OK | 5.3 kB |
URL GET HTTP/3perception-point.io/wp-content/uploads/2023/02/perception-point-logo-min-300x113.png.webp IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash13a8d1bed28a93ef32e0d8605fbacf8e 922479b14002596a5741ad693aa0293aa7fd3ca6 c40318e0191d62523827f1c453723e0865461d6de426a1d48ca16a6e80fed824
GET /wp-content/uploads/2023/02/perception-point-logo-min-300x113.png.webp HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: image/webp
content-length: 5306
last-modified: Tue, 25 Apr 2023 14:13:13 GMT
etag: "6447dff9-14ba"
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8754cda3084256b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js | 141.193.213.21 | 200 OK | 8.9 kB |
URL GET HTTP/3perception-point.io/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (9056), with no line terminators Hash797c2156a7211100e9aceff7365be7a4 b70b89caf8cc05c7cbef1077e06994085331c5cc 812cdb2da5fee86d2f5a423fb5010af68f20c594f081b40f3b7f0050736e9ea8
GET /wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: application/javascript
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding
last-modified: Tue, 06 Feb 2024 10:42:43 GMT
etag: W/"65c20d23-22bc"
cache-control: public, max-age=31536000
access-control-allow-origin: *
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1233430
server: cloudflare
cf-ray: 8754cda11d4856b9-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/uploads/2020/03/cropped-favicon-1-192x192.png | 141.193.213.21 | 200 OK | 1.1 kB |
URL GET HTTP/3perception-point.io/wp-content/uploads/2020/03/cropped-favicon-1-192x192.png IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash5fd9228213ebfef552c22e8576d17a7a 289dfbff43019ef73031b90fa54adb006a5a1147 30f210a3736467a891048d6f92e8c411e699ca1222e314d7f2387567bca8e704
GET /wp-content/uploads/2020/03/cropped-favicon-1-192x192.png HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: image/webp
content-length: 1054
last-modified: Tue, 25 Apr 2023 14:13:13 GMT
etag: "6447dff9-41e"
expires: Fri, 04 Apr 2025 08:18:59 GMT
cache-control: max-age=31536000
vary: Accept, Accept-Encoding
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 347400
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda2af9b56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|
| perception-point.io/wp-content/uploads/2020/03/cropped-favicon-1-32x32.png | 141.193.213.21 | 200 OK | 244 B |
URL GET HTTP/3perception-point.io/wp-content/uploads/2020/03/cropped-favicon-1-32x32.png IP141.193.213.21:443 ASN#209242 Cloudflare London, LLC
Requested byhttps://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/ CertificateIssuerCloudflare, Inc. Subjectperception-point.io Fingerprint8D:6C:C5:DD:B0:57:A1:90:FE:AC:E1:7F:D1:08:5E:D6:A5:A2:08:C5 ValidityWed, 30 Aug 2023 00:00:00 GMT - Wed, 28 Aug 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash742a3637bf5f5c81ebea6633abe9c9e9 7e1be8d82dafc39d4962a788641e873d9ab74124 a9e2c483ed520c3c2713d2bce0bfbd8cc360258de4fdc40cb3679cbc9cd969a7
GET /wp-content/uploads/2020/03/cropped-favicon-1-32x32.png HTTP/1.1
Host: perception-point.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://perception-point.io/blog/operation-phantomblu-new-and-evasive-method-delivers-netsupport-rat/
DNT: 1
Connection: keep-alive
Cookie: __cf_bm=3w6eJK6JQDGl3UJh1j1cCaAFRAXGMfsZG7mhffbeSyc-1713277091-1.0.1.1-Bp6QZAW1pjir6rfDa01FUyDzgf0MykguptdYkqMflnXcNpgV8qAgSdxQ7exkCXlSPdz23tvqkM4tRbAavrTSPA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Tue, 16 Apr 2024 14:18:12 GMT
content-type: image/webp
content-length: 244
last-modified: Tue, 25 Apr 2023 14:13:13 GMT
etag: "6447dff9-f4"
expires: Tue, 01 Apr 2025 14:37:19 GMT
cache-control: max-age=31536000
vary: Accept, Accept-Encoding
permissions-policy: geolocation=self
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cf-cache-status: HIT
age: 1233428
accept-ranges: bytes
server: cloudflare
cf-ray: 8754cda2af9d56b9-OSL
alt-svc: h3=":443"; ma=86400
|
|