www.darkreading.com Open in urlscan Pro
2606:4700::6812:6f2f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Submission: On March 13 via api (March 13th 2024, 2:43:05 pm UTC) from TR — Scanned from DE

Summary HTTP 186 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 37 IPs in 5 countries across 25 domains to perform 186 HTTP transactions. The main IP is 2606:4700::6812:6f2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 154533.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 9th 2024. Valid for: 10 months.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
81	2606:4700::68... 2606:4700::6812:6f2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6813:b234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
4	18.245.86.118 18.245.86.118	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:264... 2600:9000:2646:fe00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
1	18.214.208.237 18.214.208.237	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.27.107 13.32.27.107	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	108.138.26.31 108.138.26.31	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:6d2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.198.248.132 18.198.248.132	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
6	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a05:d018:94a... 2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9	16509 (AMAZON-02) (AMAZON-02)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	132.226.214.62 132.226.214.62	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	2606:4700:440... 2606:4700:4400::6812:2595	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.236.93.95 54.236.93.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
2	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
186	37

81 2606:4700::6812:6f2f (United States)

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6813:b234 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.245.86.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-86-118.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2646:fe00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.208.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-208-237.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-107.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.26.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-31.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6d2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.248.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-248-132.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 132.226.214.62 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2595 (United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.236.93.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-93-95.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
82	darkreading.com www.darkreading.com — Cisco Umbrella Rank: 154533 c.darkreading.com — Cisco Umbrella Rank: 356698	994 KB
21	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214 www3.doubleclick.net — Cisco Umbrella Rank: 18573 stats.g.doubleclick.net — Cisco Umbrella Rank: 84	206 KB
19	googlesyndication.com fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	274 KB
13	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 47396	320 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 334	289 KB
7	moatads.com z.moatads.com — Cisco Umbrella Rank: 805 mb.moatads.com — Cisco Umbrella Rank: 985 px.moatads.com — Cisco Umbrella Rank: 679	115 KB
4	informa.com static.iris.informa.com — Cisco Umbrella Rank: 54179	1 MB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1968 in.ml314.com — Cisco Umbrella Rank: 10249	12 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 14214 eu01.in.treasuredata.com — Cisco Umbrella Rank: 23331	20 KB
3	google.com marketingplatform.google.com — Cisco Umbrella Rank: 16159 region1.analytics.google.com — Cisco Umbrella Rank: 2656 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	245 KB
2	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 8845	903 B
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 163622	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8644	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 703 script.hotjar.com — Cisco Umbrella Rank: 882	61 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 321348 assets.ubembed.com — Cisco Umbrella Rank: 12090	49 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 622	29 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6744	408 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1475	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1743	15 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 541	304 B
1	gstatic.com fonts.gstatic.com	46 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 788	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
186	25

	Domain	Requested by
80	www.darkreading.com	www.darkreading.com
19	securepubads.g.doubleclick.net	www.darkreading.com
13	pagead2.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
13	eu-images.contentstack.com	www.darkreading.com
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
5	px.moatads.com	www.darkreading.com
5	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
4	static.iris.informa.com	www.darkreading.com
3	www.googletagmanager.com	www.darkreading.com
2	bam.eu01.nr-data.net	www.darkreading.com
2	api.iiris.com	www.darkreading.com
2	ml314.com	z.moatads.com ml314.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
1	www.google.com	www.darkreading.com
1	js-agent.newrelic.com	www.darkreading.com
1	in.ml314.com	ml314.com
1	mb.moatads.com	z.moatads.com
1	z.moatads.com	securepubads.g.doubleclick.net
1	fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	www.google.de	www.darkreading.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	script.hotjar.com	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	marketingplatform.google.com	www.darkreading.com
1	www3.doubleclick.net	1 redirects
1	geolocation.onetrust.com	www.darkreading.com
1	fonts.gstatic.com	fonts.googleapis.com
1	static.cloudflareinsights.com	www.darkreading.com
1	connect.facebook.net	www.darkreading.com
1	fonts.googleapis.com	www.darkreading.com
186	38

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
www.statista.com
securityintelligence.com
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
informationweek.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2024-03-09` - `2024-12-31`	10 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2024-03-01` - `2024-12-31`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-21` - `2024-03-20`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.js.ubembed.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-05`	a year	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
iiris.com GTS CA 1P5	`2024-03-02` - `2024-05-31`	3 months	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Frame ID: 68683E36003F1B9525D9AD28556AB864
Requests: 164 HTTP requests in this frame

Frame: https://fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 509F0C96934263111148E1AF19379C65
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js
Frame ID: 1FE6D9EDA7A862489A69D0583F2CD05B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuKeZ7n61bb766mMc0E44QLrfB-BYAHviUMFoOoAcUCnAp9T-ZRTmT_Dt555DpLwJn8tOGXKJUL7zEq3klPJlPYLL63Q4_HMcYG_4HaxDycT68rBN-qMsVhamL4RapouDI1noyZe_JYaVn0Br8pVGUIntxFwVOgtYWBeK2pzHgxy8QUFG1HKOYbCJiLCAGRmnOdUj633Yli8pcndH7uWIUwiS4or9OtL4aH06qqW7w1FdV4svnKugSIHzPhODo2Fxy87jrdeip1UAxvrVjsIfZlrki--j4aC6qojNmB3CSQiuKPE83TSJypYkaov7DEwAhWtxmFAKbQ9hfVMalNiEHrVLQjqX9EzT30roQg02-j4VnM04O08ez87on7l-LT7rYplpiNrOI5eR9704kZjfE&sig=Cg0ArKJSzNAVDD_8OvqhEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 98D331EC1C460864CE50B0437D9BF422
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A478AA5B72E40781CB9873EA0080A7AE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A2A92408836FA197483F434CA99133F4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

'PixPirate' RAT Invisibly Triggers Wire Transfers from Android DevicesCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

186
Requests

99 %
HTTPS

64 %
IPv6

25
Domains

38
Subdomains

37
IPs

5
Countries

4122 kB
Transfer

9150 kB
Size

19
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices&title=%27PixPirate%27%20RAT%20Invisibly%20Triggers%20Wire%20Transfers%20From%20Android%20Devices

Search URL Search Domain Scan URL

URL: https://www.statista.com/statistics/1230211/number-pix-persons-companies-type-transaction-brazil/
Title: according to Statista

Search URL Search Domain Scan URL

URL: https://www.statista.com/statistics/1230195/volume-pix-transactions-type-brazil/
Title: around $250 billion

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/posts/pixpirate-brazilian-financial-malware/
Title: a new blog post from IBM

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf75&ch=SBX&cid=_upcoming_webinars_8.500001416&_mc=_upcoming_webinars_8.500001416
Title: Assessing Your Critical Applications' Cyber Defenses

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk99&ch=SBX&cid=_upcoming_webinars_8.500001419&_mc=_upcoming_webinars_8.500001419
Title: Unleash the Power of Gen AI for Application Development, Securely

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5965&ch=SBX&cid=_upcoming_webinars_8.500001418&_mc=_upcoming_webinars_8.500001418
Title: The Anatomy of a Ransomware Attack, Revealed

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf76&ch=SBX&cid=_upcoming_webinars_8.500001420&_mc=_upcoming_webinars_8.500001420
Title: How To Optimize and Accelerate Cybersecurity Initiatives for Your Business

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph160&ch=sbx&cid=_upcoming_webinars_8.500001404&_mc=_upcoming_webinars_8.500001404
Title: Building a Modern Endpoint Strategy for 2024 and Beyond

Search URL Search Domain Scan URL

URL: https://ve.informaengage.com/virtual-events/cybersecuritys-hottest-new-technologies-what-you-need-to-know/?ch=sbx&cid=_session_16.500316&_mc=_session_16.500316
Title: Cybersecurity's Hottest New Technologies - Dark Reading March 21 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/asia-24/?cid=_session_16.500313&_mc=_session_16.500313
Title: Black Hat Asia - April 16-19 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5682&ch=sbx&cid=_analytics_7.300006009&_mc=_analytics_7.300006009
Title: Industrial Networks in the Age of Digitalization

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5680&ch=sbx&cid=_analytics_7.300006008&_mc=_analytics_7.300006008
Title: Zero-Trust Adoption Driven by Data Protection

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5678&ch=sbx&cid=_analytics_7.300006007&_mc=_analytics_7.300006007
Title: How Enterprises Assess Their Cyber-Risk

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/cybersecurity/security-monitoring/incident-readiness-and-building-response-playbook/429723?cid=_analytics_7.300005908&_mc=_analytics_7.300005908
Title: Incident Readiness and Building Response Playbook

Search URL Search Domain Scan URL

URL: https://informationweek.com/whitepaper/software/information-management/forrester-report-the-total-economic-impactandtrade-of-bizagi%E2%80%99s-low-code-intelligent-process-automation-platform/429123?cid=_analytics_7.300005896&_mc=_analytics_7.300005896
Title: Forrester Report: The Total Economic Impact Of Bizagi's Low-Code Intelligent Process Automation Platform

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_msf356&ch=SBX&cid=_whitepaper_14.500005602&_mc=_whitepaper_14.500005602
Title: Upgrade your cybersecurity in the era of AI

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk100&ch=SBX&cid=_whitepaper_14.500005583&_mc=_whitepaper_14.500005583
Title: Cheat Sheet - 5 Strategic Security Checkpoints

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf65&ch=sbx&cid=_whitepaper_14.500005555&_mc=_whitepaper_14.500005555
Title: Global Perspectives on Threat Intelligence

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk81&ch=sbx&cid=_whitepaper_14.500005516&_mc=_whitepaper_14.500005516
Title: Buyer's Guide: Choosing a True DevSecOps Solution for Your Apps on AWS

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/free/w_snyk73/prgm.cgi?a=1&cid=_whitepaper_14.500005514&_mc=_whitepaper_14.500005514
Title: Understanding AI Models to Future-Proof Your AppSec Program

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

186 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pixpirate-rat-invisibly-triggers-wire-transfers-android-devices Show response
www.darkreading.com/application-security/ 255 KB
49 KB 1773ms
1705ms Document
text/html 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01f72131ddc7f6e363115621b63a62591aa77c98e1c5f30927c0660adca0888e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: EXPIRED
cf-ray: 863ccb270dd65c2c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 13 Mar 2024 14:42:59 GMT
last-modified: Wed, 13 Mar 2024 14:33:04 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 styles.generated-4XZZNIWX.css
www.darkreading.com/build/_assets/ 8 KB
3 KB 50ms
49ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-4XZZNIWX.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 590236
etag: W/"1e46-18e13b16668"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31b9ca5c2c-FRA

GET
H2 200 swiper.min-FCSS2HML.css
www.darkreading.com/build/_assets/ 5 KB
3 KB 64ms
63ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/swiper.min-FCSS2HML.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1149971
cf-polished: origSize=6255
etag: W/"186f-18dc174dd30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31b9cc5c2c-FRA

GET
H2 200 brand.generated-YQIT2KWC.css
www.darkreading.com/build/_assets/ 377 KB
47 KB 65ms
65ms Stylesheet
text/css 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-YQIT2KWC.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2953a341b436dedf351d2d43be5d2f05ddf56bfe394a5ad7c10a368dde3ee640

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786927
cf-polished: origSize=387264
etag: W/"5e8c0-18e08a6a210"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31b9ce5c2c-FRA

GET
H2 200 pirate-Tithi_Luadthong-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltfdfbb41376bc0b04/65f09c9afb4f2f040a4ae84a/ 3 KB
3 KB 100ms
28ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltfdfbb41376bc0b04/65f09c9afb4f2f040a4ae84a/pirate-Tithi_Luadthong-Alamy.jpg?width=850&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

2bb6313879a2dbd651cb5e64cb9a1a001909f1895afaa3999f982073f6fce35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img10-europe-west2
age: 45964
x-cache: HIT, HIT
fastly-io-info: ifsz=1173225 idim=4500x3000 ifmt=jpeg ofsz=2604 odim=850x567 ofmt=webp
filename1: custom
content-disposition: inline; filename=pirate-Tithi_Luadthong-Alamy.webp
fastly-stats: io=1
content-length: 2604
x-request-id: 843105afb7ec9be859428c7be72c0454
x-served-by: cache-ams12735-AMS, cache-fra-etou8220059-FRA
x-runtime: 103ms
server: contentstack
x-timer: S1710340980.552553,VS0,VE4
x-contentstack-organization: blt5948195ac13977b0
etag: "z4Hz9ulFNFKpxEUZaT7qkDuIf2tf07MPGUgIzFbT1mw"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 79ms
30ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 13:18:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 13 Mar 2024 14:42:59 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 92ms
47ms Script
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 28048
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0256fef0-601e-0016-317c-22cf54000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb3208b95c80-FRA
expires: Thu, 14 Mar 2024 14:42:59 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 78ms
33ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /RTAD1TAPuPWblD15GN1pg==
age: 60667
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6842
x-ms-lease-status: unlocked
last-modified: Mon, 11 Mar 2024 20:43:22 GMT
server: cloudflare
etag: 0x8DC420BE439404D
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5256a3eb-d01e-0095-552a-74d136000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb3208b75c80-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 88 KB
28 KB 114ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58989addec2b23a52581d08bf717d6e0e78ed2063229d9035f44f895eb1b1c79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28646
x-xss-protection: 0
server: cafe
etag: 454 / 19795 / m202403070101 / config-hash: 8657700630701795708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 14:42:59 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 3 KB
3 KB 43ms
42ms Image
image/png 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
cf-polished: origSize=4020
etag: W/"fb4-18c818b3850"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 863ccb31c9d15c2c-FRA
content-length: 2815

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
859 B 49ms
48ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 08 Mar 2024 17:53:27 GMT
server: cloudflare
etag: W/"65eb5097-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 863ccb320a465c2c-FRA
expires: Fri, 15 Mar 2024 14:42:59 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 70ms
25ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7e12e312a860642114d130c0f90c03f1845b9a874edae82e7489d55d4ec7892

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 13 Mar 2024 14:42:59 GMT
content-md5: epJnVn4by7JIo4w/1f1pbw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1294, tbw=2774, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: cjDMbkSSmHved/AEywisvddozbAzxuxtTHDG7Y4l70zxfEWA9A2/8UEATiY9irMqRwRupArXPHqJ6So26zEUjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e1f9f5cbc60a9f8bf186fa0fe8af412a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "02092babf91e7b6152e3fb7235e1a3d7"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Wed, 13 Mar 2024 14:46:54 GMT

GET
H2 200 entry.client-VOU2QAI4.js Show response
www.darkreading.com/build/ 546 B
433 B 52ms
46ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VOU2QAI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
cf-polished: origSize=547
etag: W/"223-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9e55c2c-FRA

GET
H2 200 chunk-654PJEY4.js Show response
www.darkreading.com/build/_shared/ 121 KB
40 KB 79ms
73ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-654PJEY4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1149961
cf-polished: origSize=124372
etag: W/"1e5d4-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9e85c2c-FRA

GET
H2 200 chunk-ADOFUXDS.js Show response
www.darkreading.com/build/_shared/ 122 KB
28 KB 87ms
81ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADOFUXDS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
cf-polished: origSize=125229
etag: W/"1e92d-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9eb5c2c-FRA

GET
H2 200 chunk-KQKZX6A4.js Show response
www.darkreading.com/build/_shared/ 52 KB
18 KB 57ms
51ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KQKZX6A4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
cf-polished: origSize=54355
etag: W/"d453-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9ec5c2c-FRA

GET
H2 200 chunk-ZSCMMWXX.js Show response
www.darkreading.com/build/_shared/ 1006 B
650 B 78ms
72ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZSCMMWXX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 70206
cf-polished: origSize=1007
etag: W/"3ef-18e146dffa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9ee5c2c-FRA

GET
H2 200 chunk-24I3U5PI.js Show response
www.darkreading.com/build/_shared/ 2 KB
850 B 80ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-24I3U5PI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093e0be5a6bd61e6a7a47709285d0645ea419ed77cc671e36997d2134844d317

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1549
etag: W/"60d-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31d9f35c2c-FRA

GET
H2 200 chunk-TFR26LLE.js Show response
www.darkreading.com/build/_shared/ 2 KB
890 B 79ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TFR26LLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1150792
cf-polished: origSize=1765
etag: W/"6e5-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9f65c2c-FRA

GET
H2 200 chunk-JIELW6ZE.js Show response
www.darkreading.com/build/_shared/ 1 MB
379 KB 83ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JIELW6ZE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5dfe34d5f38b0af5740091a34d340d1f79abd9568bde3d233e8277067d0703

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 590236
cf-polished: origSize=1232478
etag: W/"12ce5e-18e13b16668"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9f75c2c-FRA

GET
H2 200 chunk-KOMF73OU.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 80ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KOMF73OU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

365541df37d0e7336234d0a3eb12b22b00c9ae4a776bd6287e452bac10b2f57e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786925
cf-polished: origSize=1967
etag: W/"7af-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9f85c2c-FRA

GET
H2 200 chunk-2MQOLYJ6.js Show response
www.darkreading.com/build/_shared/ 99 B
176 B 75ms
70ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MQOLYJ6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1149961
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9fa5c2c-FRA

GET
H2 200 chunk-4OFPQ62H.js Show response
www.darkreading.com/build/_shared/ 99 B
181 B 74ms
68ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4OFPQ62H.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
cf-polished: origSize=100
etag: W/"64-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9fc5c2c-FRA

GET
H2 200 chunk-GKMAA2PC.js Show response
www.darkreading.com/build/_shared/ 2 KB
793 B 76ms
70ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GKMAA2PC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f40e17e4af4d3a35e401e0c0dd9a7cf96ce8cb9413b311c2c2747c74cb6a8a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1873
etag: W/"751-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9fd5c2c-FRA

GET
H2 200 chunk-JSLP45NT.js Show response
www.darkreading.com/build/_shared/ 445 B
405 B 80ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSLP45NT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 4154725
cf-polished: origSize=446
etag: W/"1be-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9fe5c2c-FRA

GET
H2 200 chunk-EJDXW353.js Show response
www.darkreading.com/build/_shared/ 99 B
163 B 85ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EJDXW353.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
cf-polished: origSize=100
etag: W/"64-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31e9ff5c2c-FRA

GET
H2 200 chunk-W42GJVNL.js Show response
www.darkreading.com/build/_shared/ 286 B
290 B 79ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W42GJVNL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1672687
cf-polished: origSize=287
etag: W/"11f-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea005c2c-FRA

GET
H2 200 chunk-D7WDW5HZ.js Show response
www.darkreading.com/build/_shared/ 21 KB
5 KB 74ms
69ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-D7WDW5HZ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dbcf27f196a314b9436ec98ee5eb4cc45e161db7e221a9d7cad1e357bead673

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=21151
etag: W/"529f-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea025c2c-FRA

GET
H2 200 chunk-QF2327UI.js Show response
www.darkreading.com/build/_shared/ 294 B
301 B 76ms
71ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QF2327UI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
cf-polished: origSize=295
etag: W/"127-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea045c2c-FRA

GET
H2 200 chunk-YQ4U4Y27.js Show response
www.darkreading.com/build/_shared/ 100 KB
31 KB 82ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YQ4U4Y27.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

28a9b7206dd22037dac819e4f09765836a31de17a8eb24c35b72d14e16ec6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=102186
etag: W/"18f2a-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea055c2c-FRA

GET
H2 200 chunk-OPBPIYNX.js Show response
www.darkreading.com/build/_shared/ 2 KB
794 B 95ms
90ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-OPBPIYNX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04b173010c4558c5eda3eb8fe73e09bca28e8423a90ab8700d294165da64d7be

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1539
etag: W/"603-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea065c2c-FRA

GET
H2 200 chunk-J56IETE6.js Show response
www.darkreading.com/build/_shared/ 99 B
178 B 79ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J56IETE6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1149961
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea085c2c-FRA

GET
H2 200 chunk-M23ACG5S.js Show response
www.darkreading.com/build/_shared/ 5 KB
2 KB 81ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-M23ACG5S.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e9a49cfbe04a98c8377001d92f1edd420226e312a150eab1273e36f79914f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786925
cf-polished: origSize=4636
etag: W/"121c-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea095c2c-FRA

GET
H2 200 chunk-NYVDH3MD.js Show response
www.darkreading.com/build/_shared/ 99 B
209 B 80ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NYVDH3MD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6506091
cf-polished: origSize=100
etag: W/"64-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea0a5c2c-FRA

GET
H2 200 chunk-B5KWAA4P.js Show response
www.darkreading.com/build/_shared/ 73 KB
24 KB 80ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B5KWAA4P.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f49c652e2f5b17601342d1279bf695e8b875ed0740bbe9adc1c2ae695afb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=76519
etag: W/"12ae7-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea0e5c2c-FRA

GET
H2 200 chunk-BGVAJVIT.js Show response
www.darkreading.com/build/_shared/ 268 B
309 B 86ms
81ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BGVAJVIT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 590236
cf-polished: origSize=269
etag: W/"10d-18e13b16668"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea0f5c2c-FRA

GET
H2 200 chunk-RV3JR3RD.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 78ms
74ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RV3JR3RD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1672687
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea115c2c-FRA

GET
H2 200 chunk-U4RHUKDM.js Show response
www.darkreading.com/build/_shared/ 99 B
162 B 82ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-U4RHUKDM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
cf-polished: origSize=100
etag: W/"64-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea135c2c-FRA

GET
H2 200 chunk-WDD67XQQ.js Show response
www.darkreading.com/build/_shared/ 15 KB
6 KB 84ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WDD67XQQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 9180306
cf-polished: origSize=15141
etag: W/"3b25-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea155c2c-FRA

GET
H2 200 chunk-7J2FKJXT.js Show response
www.darkreading.com/build/_shared/ 135 KB
41 KB 80ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7J2FKJXT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

963b5d457ebb5ccce695884037900e0406851975cde1b12c52fafc4c031099c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=138014
etag: W/"21b1e-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea185c2c-FRA

GET
H2 200 chunk-AEBM4IWQ.js Show response
www.darkreading.com/build/_shared/ 99 B
188 B 81ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AEBM4IWQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1150792
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea1a5c2c-FRA

GET
H2 200 chunk-CUSGF42S.js Show response
www.darkreading.com/build/_shared/ 214 KB
74 KB 81ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CUSGF42S.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9accf6b25643a8347224bbcdd2713716e394603a21af24798b81615b94d9d405

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=219043
etag: W/"357a3-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea1c5c2c-FRA

GET
H2 200 root-UWV46DNA.js Show response
www.darkreading.com/build/ 44 KB
13 KB 79ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-UWV46DNA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf0cf805d7837a3df42f3afaa50296ccadc3f2ef16f16011a658bc7375184c42

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 596393
cf-polished: origSize=44576
etag: W/"ae20-18e13b16668"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea1d5c2c-FRA

GET
H2 200 chunk-HE5ROSU2.js Show response
www.darkreading.com/build/_shared/ 1 KB
812 B 79ms
75ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HE5ROSU2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64f57e11505d9153e001258ad9d23d655613b433b2139adef3d4affa03e25e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 68100
cf-polished: origSize=1499
etag: W/"5db-18e146dffa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea1e5c2c-FRA

GET
H2 200 chunk-AYLJONZA.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 80ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AYLJONZA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65d1d7d68ec29435497fc67c21997ad9f372e6e9b8be04977101d79429d831d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 595628
cf-polished: origSize=3211
etag: W/"c8b-18e13b16668"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea1f5c2c-FRA

GET
H2 200 chunk-Q7VZLRUE.js Show response
www.darkreading.com/build/_shared/ 2 KB
735 B 99ms
95ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-Q7VZLRUE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f3a169d77b4aa03aff5d585021444dcfa7ee194a70607f5b9395b93ac705c60

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 785109
cf-polished: origSize=2070
etag: W/"816-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea205c2c-FRA

GET
H2 200 chunk-37YIYYOJ.js Show response
www.darkreading.com/build/_shared/ 1 KB
680 B 79ms
76ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-37YIYYOJ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

183959399e0b22aeb7e61d320057c3ec1c71429e806b7f8ac9a6a55c923e7b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1240
etag: W/"4d8-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea215c2c-FRA

GET
H2 200 chunk-N3MZC5VU.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 82ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-N3MZC5VU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d45f36fddebccb6e44da45a7b867ec665175308988dca2b33f209e3a7b9e386

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=9117
etag: W/"239d-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea245c2c-FRA

GET
H2 200 chunk-PO2LRPG4.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 80ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-PO2LRPG4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

421f42d1b8aa0245a58289f8d638468b08f5245a848eeb1d9ca3a18d39bc2bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=4128
etag: W/"1020-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea265c2c-FRA

GET
H2 200 chunk-6GEGUMFF.js Show response
www.darkreading.com/build/_shared/ 975 B
655 B 80ms
77ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6GEGUMFF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 4154721
cf-polished: origSize=976
etag: W/"3d0-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea275c2c-FRA

GET
H2 200 chunk-HQRTWE5A.js Show response
www.darkreading.com/build/_shared/ 594 B
422 B 84ms
81ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HQRTWE5A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
cf-polished: origSize=595
etag: W/"253-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea295c2c-FRA

GET
H2 200 chunk-4QXBREJA.js Show response
www.darkreading.com/build/_shared/ 2 KB
866 B 81ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4QXBREJA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

958df270928e54a1b4aed023a148d72f95b6e1a0c4747ac97bb7fd3655fa473c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 785109
cf-polished: origSize=1806
etag: W/"70e-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea2b5c2c-FRA

GET
H2 200 chunk-B5DD5IOP.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 82ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B5DD5IOP.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ccb7bcf8e72fe4e720be101ba8daec8d9f90b7fbd3bf4fc3421b8f11f50d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 785109
cf-polished: origSize=2252
etag: W/"8cc-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea2c5c2c-FRA

GET
H2 200 chunk-6A2GLJQM.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 81ms
78ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6A2GLJQM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1672687
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea2e5c2c-FRA

GET
H2 200 chunk-G3XDEOOF.js Show response
www.darkreading.com/build/_shared/ 225 KB
75 KB 160ms
157ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-G3XDEOOF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be7ae15b5f90bc66f452898fad399e264e5ef8c8f1e288b0c6689dfed08fe0f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 397557
cf-polished: origSize=230749
etag: W/"3855d-18e146dffa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea305c2c-FRA

GET
H2 200 chunk-MQ5IVPQD.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 82ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-MQ5IVPQD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce85dfc16c30b2f6141531a0d895a9a16b3d28b536441c314acd65f4cfefb8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=3232
etag: W/"ca0-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea315c2c-FRA

GET
H2 200 chunk-YB2PZH4U.js Show response
www.darkreading.com/build/_shared/ 99 B
212 B 83ms
81ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YB2PZH4U.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 148832
cf-polished: origSize=100
etag: W/"64-18e146dffa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea335c2c-FRA

GET
H2 200 chunk-GY4YSMUY.js Show response
www.darkreading.com/build/_shared/ 99 B
200 B 97ms
95ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GY4YSMUY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1150792
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea345c2c-FRA

GET
H2 200 chunk-7ABGLIHU.js Show response
www.darkreading.com/build/_shared/ 99 B
176 B 83ms
81ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7ABGLIHU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 737087
cf-polished: origSize=100
etag: W/"64-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea355c2c-FRA

GET
H2 200 chunk-LEP7O6BY.js Show response
www.darkreading.com/build/_shared/ 2 KB
968 B 83ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-LEP7O6BY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c0b62c6c892374bc0cc4d52b350dbc0ec55ae14367f23c9a4eb5642bafe37dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=2484
etag: W/"9b4-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea365c2c-FRA

GET
H2 200 chunk-5KMMGODH.js Show response
www.darkreading.com/build/_shared/ 430 KB
61 KB 97ms
95ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-5KMMGODH.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1362703286b603b1fa5632254b1e0e15b2a4093cd206e89ca927cae5d1d9b374

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 136895
cf-polished: origSize=440729
etag: W/"6b999-18e146dffa8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea375c2c-FRA

GET
H2 200 chunk-YA2FBZI4.js Show response
www.darkreading.com/build/_shared/ 1 KB
769 B 81ms
79ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YA2FBZI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

826797a91d444259bd33fb9044d4053a04d5959a22388be0b30ce94f5b7abedd

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1296
etag: W/"510-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea3a5c2c-FRA

GET
H2 200 chunk-B6PQRS2L.js Show response
www.darkreading.com/build/_shared/ 1000 B
582 B 82ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-B6PQRS2L.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caf9117b55ac11b08fad4eafdb495e104d1b656f4adb617a56285e8dd21a93ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1001
etag: W/"3e9-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea3b5c2c-FRA

GET
H2 200 chunk-3MS3TJ6I.js Show response
www.darkreading.com/build/_shared/ 99 B
206 B 82ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3MS3TJ6I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
cf-polished: origSize=100
etag: W/"64-18c818b3850"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea3c5c2c-FRA

GET
H2 200 chunk-WWXHV7UX.js Show response
www.darkreading.com/build/_shared/ 1 KB
638 B 81ms
80ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WWXHV7UX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b1e2858103af71683d15ee4d19330b075aeb35f103e4d878bd20c4120431864

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 786926
cf-polished: origSize=1062
etag: W/"426-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea3e5c2c-FRA

GET
H2 200 $topic.$slug-JAC3A6OL.js Show response
www.darkreading.com/build/routes/ 181 KB
57 KB 92ms
91ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug-JAC3A6OL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

810ef2f54bab5a44d50a0db5a96fcf3ed42c9ef218b937be4e5f0f375453fa6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 04 Mar 2024 08:48:42 GMT
server: cloudflare
age: 785109
cf-polished: origSize=185816
etag: W/"2d5d8-18e08a6a210"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb31ea3f5c2c-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 112ms
64ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 863ccb331bb592ab-FRA

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 95ms
48ms XHR
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4072
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ce53359b-101e-0051-1129-15a40f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb330d5e2c5e-FRA
expires: Thu, 14 Mar 2024 14:42:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 358 KB
107 KB 130ms
78ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a33bf19b3eefc1bb1e9f944fd3cc6291048918d30cc9f13a31ae0b25b96d47b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109347
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Mar 2024 14:42:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 120 KB
47 KB 100ms
48ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b4e3310a15f2d2866391c1d75ba8da0452301a4a5a9d55ae462f84f6f37237ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47346
x-xss-protection: 0
last-modified: Wed, 13 Mar 2024 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Mar 2024 14:42:59 GMT

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
332 B 40ms
39ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1146939
etag: W/"22a-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32faf55c2c-FRA

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
368 B 41ms
41ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 307992
etag: W/"1ed-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32faf65c2c-FRA

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
364 B 36ms
36ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 307992
etag: W/"1c1-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32faf95c2c-FRA

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
377 B 37ms
37ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1149971
etag: W/"1d7-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fafa5c2c-FRA

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
343 B 36ms
36ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 70205
etag: W/"190-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fafb5c2c-FRA

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
276 B 38ms
38ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 379980
etag: W/"110-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fafe5c2c-FRA

GET
H2 200 Twitter-WD5AOEQ7.svg
www.darkreading.com/build/_assets/ 404 B
362 B 46ms
46ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-WD5AOEQ7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 590235
etag: W/"194-18e13b16668"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fb005c2c-FRA

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
539 B 42ms
42ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1146939
etag: W/"309-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fb015c2c-FRA

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
702 B 41ms
40ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 70205
etag: W/"471-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fb025c2c-FRA

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
559 B 41ms
41ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6274643
etag: W/"2e5-18c818b3850"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb32fb035c2c-FRA

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
486 B 38ms
38ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6254964
etag: W/"2f0-18c818b3850"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b055c2c-FRA

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
284 B 50ms
50ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1146939
etag: W/"131-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b075c2c-FRA

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
493 B 44ms
44ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Dec 2023 10:07:14 GMT
server: cloudflare
age: 6505552
etag: W/"54d-18c818b3850"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b095c2c-FRA

GET
H2 200 Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/ 801 B
435 B 44ms
44ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1146939
etag: W/"321-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b0b5c2c-FRA

GET
H2 200 Youtube-S4PSC4UA.svg
www.darkreading.com/build/_assets/ 570 B
412 B 40ms
40ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Youtube-S4PSC4UA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1672687
etag: W/"23a-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b0e5c2c-FRA

GET
H2 200 RSS-3XFHIVCK.svg
www.darkreading.com/build/_assets/ 632 B
429 B 47ms
47ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/RSS-3XFHIVCK.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 1746806
etag: W/"278-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b105c2c-FRA

GET
H2 200 GoogleNews-6O72APW7.svg
www.darkreading.com/build/_assets/ 897 B
579 B 47ms
47ms Image
image/svg+xml 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/GoogleNews-6O72APW7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Mar 2024 15:42:17 GMT
server: cloudflare
age: 379980
etag: W/"381-18e146dffa8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb330b135c2c-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 73ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 08:49:49 GMT
x-content-type-options: nosniff
age: 107590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 08:49:49 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 33ms
32ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 3337957
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: 9565307164722ab68ccba658e48e2548
x-served-by: cache-ams12722-AMS, cache-fra-etou8220059-FRA
x-runtime: 68ms
server: contentstack
x-timer: S1710340980.702592,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3770, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 126 B
406 B 27ms
27ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 3418967
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=126 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 126
x-request-id: 86403647692af6a86ca615f9f1dfadd4
x-served-by: cache-ams12769-AMS, cache-fra-etou8220059-FRA
x-runtime: 98ms
server: contentstack
x-timer: S1710340980.703068,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "tNrp/qpYdUqWfJ34ReXQmSxVICx4Nkfiuw2bUIruFd8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 906 B
1 KB 29ms
29ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=400&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 3418967
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=906 odim=400x419 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 906
x-request-id: 75ca84e6df6b95c79966d873c0fd36d3
x-served-by: cache-ams12769-AMS, cache-fra-etou8220059-FRA
x-runtime: 109ms
server: contentstack
x-timer: S1710340980.703040,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "mSV8bR8qcRiajnJZ9er0odx7U2hZRqOhc+2tz0Px2X8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 election-Delphotos-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt30c2929e9ce8d391/65e9e9f1e12481040a8980be/ 1 KB
2 KB 29ms
28ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt30c2929e9ce8d391/65e9e9f1e12481040a8980be/election-Delphotos-Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c95f14b0ff8aa78dc5fec09bbcd92b9f3e4861e6b93eaec291573d4ab26f87a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 512385
x-cache: HIT, HIT
fastly-io-info: ifsz=7290789 idim=5800x3872 ifmt=jpeg ofsz=1376 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=election-Delphotos-Alamy.webp
fastly-stats: io=1
content-length: 1376
x-request-id: 5b10d92ea99489614f8cf4e2fac9136a
x-served-by: cache-ams12723-AMS, cache-fra-etou8220059-FRA
x-runtime: 64ms
server: contentstack
x-timer: S1710340980.703020,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "XFseuADmVNNFNtNquZBYXCRnSQM5B239U/SSGhEM9Dc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 31, 1

GET
H2 200 Keynote_Stage.jpeg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt620265a115c4086e/65ea1051e9ee5d040ad526c4/ 2 KB
3 KB 28ms
28ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt620265a115c4086e/65ea1051e9ee5d040ad526c4/Keynote_Stage.jpeg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

5e5ffac1e6032589bbaab5ab71d9b65d30a3e1db77fea2e78e455a2971f6af08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img17-europe-west2
age: 502562
x-cache: HIT, HIT
fastly-io-info: ifsz=358358 idim=2048x1536 ifmt=jpeg ofsz=2132 odim=700x525 ofmt=webp
filename1: custom
content-disposition: inline; filename=Keynote_Stage.webp
fastly-stats: io=1
content-length: 2132
x-request-id: 5bc6c999dcfaa91be6f34c647be2ae0e
x-served-by: cache-ams12751-AMS, cache-fra-etou8220059-FRA
x-runtime: 57ms
server: contentstack
x-timer: S1710340980.703012,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "94ywZEzOxKOZqyrPzxTn4yLcKf7SA5g6DAcQkT0A+Ww"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 11, 1

GET
H2 200 fidelity_ryanMcGinnis_alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltf2478a613567442a/65e8ddcd5e5a87040a84a697/ 2 KB
2 KB 32ms
32ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltf2478a613567442a/65e8ddcd5e5a87040a84a697/fidelity_ryanMcGinnis_alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

3969275e27c6d5620dfc35c2c082ad39c755b4a706b533c11da5770adb01bbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img03-europe-west2
age: 581030
x-cache: HIT, HIT
fastly-io-info: ifsz=270194 idim=1200x800 ifmt=jpeg ofsz=1722 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=fidelity_ryanMcGinnis_alamy.webp
fastly-stats: io=1
content-length: 1722
x-request-id: 206f29f091801438c122aa6c888979b7
x-served-by: cache-ams21034-AMS, cache-fra-etou8220059-FRA
x-runtime: 71ms
server: contentstack
x-timer: S1710340980.703026,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "z6jwsjmoKCk+IgFKFVjG3QAogV/VsI60JmMa2kEqn6k"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 manifest-A3B50CE1.js Show response
www.darkreading.com/build/ 34 KB
3 KB 39ms
38ms Script
application/javascript 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-A3B50CE1.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b529d67152563a2f67b7afbfd6b4fa974e7b16d1c060353b347a6f98378d986

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 06 Mar 2024 12:16:17 GMT
server: cloudflare
age: 596392
etag: W/"8764-18e13b16668"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 863ccb335b5b5c2c-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 84ms
38ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 863ccb33ac35923e-FRA
access-control-allow-headers: Content-Type

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/ 433 KB
136 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 09:41:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18118
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139281
x-xss-protection: 0
server: cafe
etag: 13505786736550064131
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 13 Mar 2025 09:41:01 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 37ms
37ms Script
application/javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 32275
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb342af85c80-FRA

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

308ms
254ms

Fetch
text/html

2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Server: 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Redirect headers

date: Wed, 13 Mar 2024 14:24:45 GMT
x-content-type-options: nosniff
server: sffe
age: 1094
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Wed, 13 Mar 2024 14:54:45 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
1 MB 208ms
148ms Script
application/javascript 18.245.86.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e41b4b05bdcccb0da8ec37f77e2ef63db46cc8184ce8acaef48b85861608eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
x-amz-version-id: j8bQ93C7lUpWfrqmx6VEgWnbfkwGWoCv
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Fri, 16 Feb 2024 11:41:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "c414394730fe9af12c6e2c6c7085c352"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 1424223
x-amz-cf-id: quZlCBvf5t5hMvLulTCtlLlXrVSZSqlewiGFUv1qrqlseoH72NL1gg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 271 KB
91 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e325a7450fd451b40103963f030bd5b18c52da364be883e87d366d78a7f1d2d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 13 Mar 2024 14:42:59 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
15 KB 192ms
145ms Script
application/javascript 18.245.86.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b3a87df9271496c06304e181a7349ee8f466bf3aec2594604cddda621ed5e014

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
x-amz-version-id: 30kR1SOzaV8mkAj3KPVCydzrzDL9neAX
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
last-modified: Tue, 05 Mar 2024 12:58:11 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
etag: "47655d522d81661da9cec68dbc7c1a1f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 14561
x-amz-cf-id: Xzl-b72XCrV4vBzmfcAt8iESMH0a5Cj19QEbUdkJG298SN_7EC4UpA==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 67ms
23ms Script
application/x-javascript 2600:9000:2646:fe00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2646:fe00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 07:29:50 GMT
content-encoding: gzip
via: 1.1 69a82a9746d3a7343dca651e0829f000.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: FRA60-P5
age: 25989
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 9k3N6yDBkbE9zaw3BEtGDp1oC32C87zG09ByjSiXwG3QQRKqanD-nw==
expires: Thu, 14 Mar 2024 07:29:50 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 415 B
688 B 112ms
45ms Script
application/javascript 2606:4700:4400::6812:27b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46532f65ff54c2eb734aa7e9fa4bddd0bff56632b34118d4b2efcfd6e0efcfdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 269
etag: W/"9df3efad1eb45b0404fc036460987fa423866920"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 863ccb34fbe81c44-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 79ms
29ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

4bf9ae2b1c3d54d70b711ca8248c523a8d8c06fd38dfb9a778f26dd522d8a82d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 5d5481cfa85227a3fdd5ff0b03093c62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 55
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/9c4dce75802959f391fc0127f7670010
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: njHnkNuzRCg01qzpLRbA2uE2gWwa7sJwk5bk8Hu5HOk44T6B4k165A==

GET
H2 200 apple2-mauritius_images_GmbH-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt605ae6a76c73e236/65e8be999fb08d040a014df4/ 2 KB
2 KB 26ms
26ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt605ae6a76c73e236/65e8be999fb08d040a014df4/apple2-mauritius_images_GmbH-Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

899399c4549a52521fd59cfeed273f862286fac41219f6ad0e9560b3440572c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 589017
x-cache: HIT, HIT
fastly-io-info: ifsz=1745793 idim=5102x4132 ifmt=jpeg ofsz=1806 odim=700x567 ofmt=webp
filename1: custom
content-disposition: inline; filename=apple2-mauritius_images_GmbH-Alamy.webp
fastly-stats: io=1
content-length: 1806
x-request-id: e3ef3e55541796fbdbaf1b17fd2bc8a1
x-served-by: cache-ams21052-AMS, cache-fra-etou8220059-FRA
x-runtime: 60ms
server: contentstack
x-timer: S1710340980.943182,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "tNi+2cYY+YVeGqPFyGs3nUr3WmUuOO7R95yuaqc+F/c"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 election-Delphotos-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt30c2929e9ce8d391/65e9e9f1e12481040a8980be/ 138 KB
139 KB 26ms
26ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt30c2929e9ce8d391/65e9e9f1e12481040a8980be/election-Delphotos-Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

60ec36859b6a7c99ff34d673b7a595fa3affdd4e27798ba81b21c5059bf3296b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 512385
x-cache: HIT, HIT
fastly-io-info: ifsz=7290789 idim=5800x3872 ifmt=jpeg ofsz=141522 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=election-Delphotos-Alamy.webp
fastly-stats: io=1
content-length: 141522
x-request-id: 5b10d92ea99489614f8cf4e2fac9136a
x-served-by: cache-ams12723-AMS, cache-fra-etou8220059-FRA
x-runtime: 64ms
server: contentstack
x-timer: S1710340980.950085,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "3xSzJ7p6uPlnXgrt7ej8HHPPx9scgDB5X/tWu4HmSzg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 28, 1

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 25ms
25ms Image
image/svg+xml 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img05-europe-west2
age: 1694882
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d8e2bae8958d344190fd353b28b7b898
x-served-by: cache-ams12722-AMS, cache-fra-etou8220059-FRA
x-runtime: 94ms
server: contentstack
x-timer: S1710340980.950083,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3578, 1

GET
H2 200 pirate-Tithi_Luadthong-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltfdfbb41376bc0b04/65f09c9afb4f2f040a4ae84a/ 117 KB
118 KB 66ms
66ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

415a1d823405bc47df78891b9f8407a751c139b2fd732a47092e01e3062035f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img10-europe-west2
age: 45965
x-cache: HIT, HIT
fastly-io-info: ifsz=1173225 idim=4500x3000 ifmt=jpeg ofsz=120046 odim=850x567 ofmt=webp
filename1: custom
content-disposition: inline; filename=pirate-Tithi_Luadthong-Alamy.webp
fastly-stats: io=1
content-length: 120046
x-request-id: 843105afb7ec9be859428c7be72c0454
x-served-by: cache-ams12735-AMS, cache-fra-etou8220059-FRA
x-runtime: 103ms
server: contentstack
x-timer: S1710340980.950238,VS0,VE8
x-contentstack-organization: blt5948195ac13977b0
etag: "rrImE0ps8yPdoI+DyoBWCkbKHblN9DgAqRq4x4WX1vs"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4, 1

GET
H2 200 Keynote_Stage.jpeg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt620265a115c4086e/65ea1051e9ee5d040ad526c4/ 43 KB
44 KB 66ms
65ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt620265a115c4086e/65ea1051e9ee5d040ad526c4/Keynote_Stage.jpeg?width=700&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

6d5e93201588b93ce0417a6243dd4ecbb873acf7683301e0302b3ea35263efe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img17-europe-west2
age: 502562
x-cache: HIT, HIT
fastly-io-info: ifsz=358358 idim=2048x1536 ifmt=jpeg ofsz=44218 odim=700x525 ofmt=webp
filename1: custom
content-disposition: inline; filename=Keynote_Stage.webp
fastly-stats: io=1
content-length: 44218
x-request-id: 5bc6c999dcfaa91be6f34c647be2ae0e
x-served-by: cache-ams12751-AMS, cache-fra-etou8220059-FRA
x-runtime: 57ms
server: contentstack
x-timer: S1710340980.950647,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "rFL0/hUtxgOezZjTeI4qdEzXF+F5g00Cigo8Pcibxgk"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 3 KB
4 KB 64ms
64ms Image
image/webp 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=80&disable=upscale

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:42:59 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 2064796
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: b59871c387f23bdedc07c4127ab539dd
x-served-by: cache-ams12769-AMS, cache-fra-etou8220059-FRA
x-runtime: 123ms
server: contentstack
x-timer: S1710340980.950743,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 50ms
50ms Fetch
application/x-javascript 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 4072
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361060ce-b01e-003a-5c53-1423fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb34cf842c5e-FRA
expires: Thu, 14 Mar 2024 14:42:59 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 369ms
123ms Image
image/gif 18.214.208.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&u=CakmzYpdXenCgSFeY&d=darkreading.com&g=53678&g0=Application%20Security&g1=Nate%20Nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=5950&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&b=2301&t=DHh3r5CQoCBzByl3H_B_BJJUEJT2q&V=143&i=%27PixPirate%27%20RAT%20Invisibly%20Triggers%20Wire%20Transfers%20From%20Android%20Devices&tz=-60&sn=1&sv=BJ8WlLC6_N4-DvN3QXBgjcggC8zyQz&sr=external&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.214.208.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-208-237.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:00 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 modules.76600994a7e845923464.js Show response
script.hotjar.com/ 222 KB
55 KB 77ms
26ms Script
application/javascript 13.32.27.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.76600994a7e845923464.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.107 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-107.fra56.r.cloudfront.net

Software

Resource Hash

fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 7974
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55785
last-modified: Wed, 13 Mar 2024 12:29:47 GMT
etag: "ef9df1813a7be6a9f62fdfc3c4c6965d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: sxoP5jdY6oDaJpU2a4KwRS8vZzOj0XzrIwJ1zSCCg48wuE4Btdgi8Q==

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 39ms
38ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 65597
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8bb80f27-d01e-0013-6e71-141d8f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb3538262c5e-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 41ms
41ms Fetch
application/json 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 4073
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2f2e397c-701e-0068-1a77-145f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb35382a2c5e-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 36ms
36ms Fetch
text/css 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 4073
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 84c7e417-801e-0098-36b2-1219e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 863ccb35382b2c5e-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 84ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je43b0v873922772z8891172384za200&_p=1710340979641&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&cid=402851684.1710340980&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dr=&dt=%27PixPirate%27%20RAT%20Invisibly%20Triggers%20Wire%20Transfers%20From%20Android%20Devices&dl=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&sid=1710340980&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Mar%2013%2C%202024&ep.content_sub_brand=value%20not%20set&ep.content_buyer_journey=value%20not%20set&ep.content_id=bltb905c375e4a8f049&ep.content_title=%27PixPirate%27%20RAT%20Invisibly%20Triggers%20Wire%20Transfers%20From%20Android%20Devices&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Nate%20Nelson&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Application%20Security&ep.content_additional_topics=Threat%20Intelligence&ep.gtm_container_detail=GTM-5523ZCM%7C103&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fapplication-security&ep.content_program=value%20not%20set&ep.content_group=Application%20Security&ep.content_all_topics=application%20security%7Cthreat%20intelligence&tfd=2366
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 91ms
31ms Ping
text/plain 2a00:1450:400c:c06::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=402851684.1710340980&gtm=45je43b0v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 99ms
46ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=402851684.1710340980&gtm=45je43b0v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=1086689158

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 92ms
27ms Script
application/javascript 108.138.26.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.26.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-26-31.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 0d78cc90106520d13c1b5c5b16dd8246.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 15190462
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: vWcCCm93BAEW4R742HsGsJ6VWLCvc3o2Uu7WIdDYJc_irWLUxLcP0w==

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 35ms
35ms Image
image/jpeg 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 22618
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 286fded7-101e-008a-2bbf-216232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 863ccb35ac645c80-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 39ms
39ms Image
image/svg+xml 2606:4700::6813:b234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 39079
x-ms-lease-status: unlocked
last-modified: Tue, 12 Mar 2024 03:12:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ea8e9329-e01e-007a-7131-7424c3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 863ccb35ac675c80-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 176ms
129ms Fetch
binary/octet-stream 18.245.86.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Wed, 13 Mar 2024 14:43:01 GMT
via: 1.1 b2340053ff948864db4d5e3c0ab3f3ea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 2MZOphYlDhkXN0K3TX8yr4ik9Zts_x9EN82o0ZSrLwiS_wgmWrFqBg==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
22 KB 34ms
34ms Script
application/javascript 18.245.86.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.86.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-86-118.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: br
via: 1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
date: Wed, 13 Mar 2024 02:35:18 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 43663
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: RuEkeRUi5_gvBXmMyBFnKFuFVMihMgf-CaamE1Sa0QYP1kXFxLm9Lw==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
19 KB 80ms
22ms Script
application/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 08:40:28 GMT
Content-Encoding: gzip
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
Age: 5032953
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: wQ0mE5rKe6YuZhsomTsyxNUHBq6u_pehHD86ORfUU3Z60_ilQbp8Tg==

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 229ms
162ms Preflight 2606:4700::6812:6d2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6d2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 863ccb36aa19bb43-FRA
content-length: 0
date: Wed, 13 Mar 2024 14:43:00 GMT
server: cloudflare

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
329 B 158ms
156ms Ping
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 863ccb37bf845c2c-FRA
content-length: 2

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 82ms
23ms Preflight 18.198.248.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1710340980230

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.248.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-248-132.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 71ms
23ms Fetch
application/json 18.198.248.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1710340980230

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.248.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-248-132.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 741 B
410 B 63ms
63ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980335&lmt=1710340384&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1600x6450&msz=1600x0&fws=0&ohw=0&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1531980643&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3a98c1bb392bfed6ddb76311f3f8dddaf2dd436663c38613e066a81314bfb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 381
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 509F 6 KB
3 KB 112ms
30ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 14:43:00 GMT
expires: Thu, 13 Mar 2025 14:43:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 102ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=cmpMet&pvsid=3685343198039971&vrg=202403070101&nw_id=3834&nslots=13&eid=31081446&pub_url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&fc=0&tcfv1=0&tcfv2=0&usp=0&ptt=17

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
247 B 58ms
58ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980398&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_1v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1192557627&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cae0c401ab925a346fa1374d27b0e40c9002818ebfd40d34d63c289850aa7df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 59ms
59ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980400&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_2v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=4165133198&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d257edf8980fc60e35e80abde2e8a425a3e6a79bff53b5cf77a772856841251f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
247 B 66ms
66ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980402&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_3v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=2939657723&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdeb6d3b087fef0f74344d12f89b01a5bbe744969d6fbdf41c003dec5a8dd018

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 218
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
245 B 72ms
72ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980404&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_4v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1874506811&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

443d2de9952c7118e93da58a19a56af1cf2527597a3bd2d7e20893faedc93365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 77ms
76ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980406&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_5v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=2265732090&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e191f704e16d6d94a51162c18a2fa3298675cdff2f7674f5d93f56433834293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 61ms
61ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980408&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_6v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=3544642852&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3a9f4028914c7a579e12ad8abe84e5d6f12cce4166b612743f941726688c1c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
243 B 92ms
92ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980411&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_7v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=89185819&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d3909703deaeaa1a3469bac80ebc359ab469070aaee183731fc24c0ebaf9f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 214
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 98ms
98ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980412&lmt=1710340384&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D100_8v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=452167488&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41e668dd7cfd6e434fdae0c94fe7197595609925400f481fd5bac1c7b85ac3af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 35 KB
13 KB 81ms
81ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1710340980413&lmt=1710340384&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1036x5783&msz=1036x0&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1393909158&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b4dae2fa65bc41f704d27df41d926d1aaf9eceec2f44f055e8a1d67ff5c4a20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12915
x-xss-protection: 0
google-lineitem-id: 6421948273
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138466740918
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
245 B 97ms
97ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1710340980415&lmt=1710340384&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1036x5783&msz=1036x1&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Doop_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=29849005&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

478eb4fd665d0c4ded105ec9faf443448a0f5a821b882df7e7031760b7460425

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 88ms
88ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980416&lmt=1710340384&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1036x5783&msz=1036x1&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1344132734&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

925b720471ac84776a2e6c8f7bcc0c595fde5bf6bd04b0716bb11b137e5f9d43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 544 B
246 B 89ms
89ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980417&lmt=1710340384&adxs=800&adys=6032&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1036x5783&msz=1036x1&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=3862174159&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d841b9e30e99e64aee11f2f33e62c0b53ada7804ecf4fe685abc092c291bfb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 547 B
249 B 76ms
75ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=14&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980438&lmt=1710340384&adxs=1156&adys=1144&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=324x1384&msz=324x0&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dnative_vertical_1v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=2330500597&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d65dd16eb85aeef98f61ec4254f0ae517343399f006b5e821793f7d131fe5d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 220
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
24 KB 90ms
90ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980457&lmt=1710340384&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=1036x5783&msz=1036x50&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D728_1v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=1135712129&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1895c960f7e7ec14b2d519359ecefe5341093eab6e515e3879f7c9a1f36d6d30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24487
x-xss-protection: 0
google-lineitem-id: 6405657777
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138467621098
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
270 B 62ms
60ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=16&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980473&lmt=1710340384&adxs=1006&adys=672&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=324x5300&msz=324x100&fws=4&ohw=1600&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3D300_1v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=3764142514&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87dfb6a24d6a28ae43bc4171330e3762c849a146c3eaf84a63299147c843aed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 458 B
190 B 62ms
62ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3685343198039971&correlator=2028560411592652&eid=31081446&output=ldjh&gdfp_req=1&vrg=202403070101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Capplication-security&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=17&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1710340980498&lmt=1710340384&adxs=1154&adys=588&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&vis=1&psz=324x37&msz=324x5&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=402851684.1710340980&ga_sid=1710340980&ga_hid=2035846797&ga_fc=true&dlt=1710340979465&idt=477&prev_scp=pos%3Dresource_v%26ptype%3Darticle%26nid%3Dbltb905c375e4a8f049%26aid%3D81063%26reg%3Danonymous&cust_params=welcad%3Doff%26gdpr_banner%3Don&adks=2535831831&frm=20&eo_id_str=ID%3D508ce2867f58ff9d%3AT%3D1710340980%3ART%3D1710340980%3AS%3DAA-AfjZ5MedzYmKtdeXDplApFkIi

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a44d4269d81abf38c5d19171739cdfec3ee9b33042490bd49584c4c5819eba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 161
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 1FE6 23 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 12:17:14 GMT

GET
DATA 200
OK truncated
/ Frame 1FE6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b3a84eb18cc701d091fc13f892801e1de269c0e1c71aa3a07c1da8222a58e46d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame 1FE6 0
203 B 56ms
56ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsumXOK6Z6uSohdpHAXxNGfhFgeFL6YM66U7NlYk_bNLGkhdeYeGml1Yqc2jLZB_7Y6mfETLf-qNNX7heGiiyvF7t4h4rsKRtW5UfXkandKRF32bXkY8oI48SCkF4tsxoGCqRTEuLOstQuu7HE-wy-IReFuxQHnIieARVs9jwAuQz-KoLjYleRbRmaUuNyDYIPOWo6VdVOA-WV4YqLrq2Ghti9GYrmiPArdJcu97Uqj4HvmVAugw2jWDVYY0PzPbHxIotT4Z_vkqNwZ175Y1uPmxfT8WiaCglBqoSV-BxJqk4khDG5l54pvzOIM8vRhpkr_nPA55P0M3-fREiTJi0aGOCOkjxfuOzw_40pFWlE9wvd-dy75HEpRnYTxKniBZ3AYetojyYBbFpAWkCLXHarbAQEk&sig=Cg0ArKJSzPBTekAqtnMnEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 7681149249694914344
tpc.googlesyndication.com/simgad/ 95 KB
95 KB 312ms
24ms Image
image/jpeg 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7681149249694914344?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dbc67cc14a4a09a538318699a94188c9e39b42c12e134170462c5252d0671f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 12:58:56 GMT
date: Wed, 13 Mar 2024 12:58:56 GMT
x-content-type-options: nosniff
age: 6244
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96789
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 08:51:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 98D3 0
0 54ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuKeZ7n61bb766mMc0E44QLrfB-BYAHviUMFoOoAcUCnAp9T-ZRTmT_Dt555DpLwJn8tOGXKJUL7zEq3klPJlPYLL63Q4_HMcYG_4HaxDycT68rBN-qMsVhamL4RapouDI1noyZe_JYaVn0Br8pVGUIntxFwVOgtYWBeK2pzHgxy8QUFG1HKOYbCJiLCAGRmnOdUj633Yli8pcndH7uWIUwiS4or9OtL4aH06qqW7w1FdV4svnKugSIHzPhODo2Fxy87jrdeip1UAxvrVjsIfZlrki--j4aC6qojNmB3CSQiuKPE83TSJypYkaov7DEwAhWtxmFAKbQ9hfVMalNiEHrVLQjqX9EzT30roQg02-j4VnM04O08ez87on7l-LT7rYplpiNrOI5eR9704kZjfE&sig=Cg0ArKJSzNAVDD_8OvqhEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:00 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/ Frame 98D3 23 KB
9 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8954
x-xss-protection: 0
server: cafe
etag: 11417926956348271285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 12:17:14 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/client/ Frame 98D3 3 KB
1 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240311/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:17:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 27 Mar 2024 12:17:13 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 98D3 207 KB
63 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1546
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64189
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 15:17:14 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 98D3 332 KB
113 KB 129ms
36ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Wed, 13 Mar 2024 14:43:00 GMT
last-modified: Wed, 28 Feb 2024 12:15:59 GMT
server: AmazonS3
x-amz-request-id: 5P44TPXHGGP8TJ4Y
etag: "53b6f6d8af1095409d7f5440ef3dd208"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=49680
accept-ranges: bytes
content-length: 115646
x-amz-id-2: EJhDRwR+lDElBqtRMckslpPo/7qsiQkZr0PhFHQ1etyZP6fy2ygEnGLrZnKXzAyfdmuWXEaelE/Up6sQTMZpcgfzadk365cP7JYzRmE+ztk=

GET
H2 200 9735415140206953154
tpc.googlesyndication.com/simgad/ Frame 98D3 54 KB
54 KB 147ms
71ms Image
image/png 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9735415140206953154

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202403070101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3642fff96c79ce09bbb6b174373279b6c5c4cf27271ae371a9c20d3176db8f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

expires: Thu, 13 Mar 2025 12:52:56 GMT
date: Wed, 13 Mar 2024 12:52:56 GMT
x-content-type-options: nosniff
age: 6604
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55458
x-xss-protection: 0
last-modified: Wed, 06 Mar 2024 09:45:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 69ms
68ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3e9578d920c94709371fcdac34c6223e332c0b97b10e1ac73a15631f36cff77e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Wed, 13 Mar 2024 14:43:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: ae09bf41-8311-4c43-99bb-69e3d954a807
content-length: 1780
content-type: application/x-amz-json-1.1

GET
DATA 200
OK truncated
/ Frame 98D3 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50a972d69593c022b2aaf4f3ab89aa5e25bfefa6351fb808e3e0f3f4c4d3a9a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 151ms
45ms Preflight 2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Wed, 13 Mar 2024 14:43:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: f1132a90-f1b1-4bd2-887f-034ee78fedc6

GET
H3 200 view
pagead2.googlesyndication.com/pcs/ Frame 98D3 0
0 105ms
56ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsuoZDHXGRrNMIBeH3ZN4c9TwUN_0QxR8r8iMafSuTpb78OJjbdERFUDRfL5NkP0wZpn6SwFbOXymmnn1jEMA-dhUsJLGP5PCsV3er8JxK30-5axDfS7G-VXQp8meYA-ooKNVCsI3I_nT5WdESW_l-UdeCdYbhu1kIPzwaaD5Ejqyl6UJyYHw8Z0Ei8WI5pzPyj_O0nxReQhcSIOSyaHmokPAdLaBNkBSbjN3yvPUj1ouM_KexhCZdtE3UvNPba8e9I55wCPIkYVn0KvcFdEdQclXR87bitjlmOEgSvlKGmQQVxS1KKGdWMF5ucO0aoysKFPCh3xPfe4vT3pnh1fzKqO8lY-1687PD6dJQCU-sGxYCyR2UXznDmnWeDzW1dGacXMaqZB7_8xPlpx-UYlZD-BrA&sig=Cg0ArKJSzBVWhTuK4b5eEAE&uach_m=%5BUACH%5D&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 98D3 33 KB
11 KB 206ms
24ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?1322024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 825f6b61f96bc43809abd30cab948309377449c379a6f973c582f5d28bf267ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:26:12 GMT
via: 1.1 google
content-encoding: br
age: 1009
x-guploader-uploadid: ABPtcPoUk2d0pduYUNwAUBa4mQUOiSlFIakZ4OsFREGQHEshHKl7nqxSWdH6nSCKTYsG7BNI9Xo2Owyafw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10671
last-modified: Wed, 21 Feb 2024 23:31:36 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1708558296436903
x-goog-hash: crc32c=srF/gg==, md5=3fpNhUvHTpM0hkxhCmt/UA==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34175
accept-ranges: bytes

GET
H2 200 n.js Show response
mb.moatads.com/ 85 B
263 B 216ms
60ms Script
text/html 132.226.214.62
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML9UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1710340981007&de=366640693872&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=2&cb=0&ym=0&cu=1710340981007&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&bo=22316126855&bp=22339874915&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2027%3A2027%3A0%3A2009&fs=207200&na=1612087186&cs=0&callback=MoatDataJsonpRequest_18381940
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 132.226.214.62 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2d198b7bae15cbf8ca6772395a09329b8173827ce04556b06a4682aaf0788b78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
server: istio-envoy
etag: "0ecfd1c5900444bf44f25c4cadfad158e726a977"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 15
timing-allow-origin: *
content-length: 85

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 43ms
35ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1710340981007&de=366640693872&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=3&cb=0&ym=0&cu=1710340981007&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&bo=22316126855&bp=22339874915&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A2027%3A2027%3A0%3A2009&fs=207200&na=798191532&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 13 Mar 2024 14:43:01 GMT

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 3 KB
2 KB 346ms
346ms XHR
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&limit=4&mode=db&item_age=12

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de1fa8738ea69b587d6c581d17fda6da21b04c21e65595bdd1971b8a681c63db

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjEFcaCWV1LXdlc3QtMSJHMEUCIEPMHviN5esLvQvbCCgZXFzXO67oAWFS7VHESVZXI5/6AiEA9nnJiVWLx2B/iHIGapbj+dWfda49q34tjDcmCpcZkoAqyQUIYBADGgwwNTYwNDMxNzA4OTkiDKFYRWzaWtYPqcKIsiqmBbmRzDVEG2HY5zKgVAlc/MI3uWGdIMTgXA9ZiM/+/jOrVJg1Sh528jZz3XSjX5m1QoruZVNOL2cQda1WqbtYJlcrcyZISnhj3j3tvDWeq95KTiXhErDevoJqTyIimCvaHxiKEn38btFyhBCW485v/ush2Vw8NgUZUnK0h02SII7HDIjy12xx5tmao4jmH93kFE0WlSvqNoT1kJuxbMqJ2iwxEWNybVB0TqQvfWt8vt7LC78q0eVjjrOTlOauo3XUNNuWqXp6qZxbsACG6G6kzbjk3p0fulov/B/+WPGaVeQFUTPjdX0fmQ4nKJiC4xBu+ZrDWpoD//XTb3Va+FKIQXuamcSI+bRuflHNL+sUP0CeUhy5y2BfhZtfHt1L5kdFnTXovKTfLGTglLjP1NaCeXawR4YoNvk/9BT+aAioBjqVon9v8nfRxB5f2dVDQ1RDLTBJEYS5Ub5qt0kDSv/kZhZuTfEtWiifo4XVxDaXM8/5TebyrG8Cm9qAK/L3oLNyHivckU8eHYKhoizhlz+7/7aQhkeYE95XqvcScPBf6HUoKBu5Vw8AA3nHYS1s1thtXFYBaKpgXAkCRZaJ5jKR5ZeHh0vrtjcBS0SzOy/bFI0fzEc12By8OJqHpwr18+60pUZE6FXjzx4mJ0HxLGYVF4FBE+6S0m0N6z8CKdNfHkJyJFtNIL7tp2x8ehSsBApkdKUR6y55S0IIk4MCFMrXEs8lcO/VMgf0VFjL8RluMtvL4uCyg9scoM3DXBe+RvIY4qJH5MU9MWv0jRJLuD+iFKvPlmyN9O6IjE51ETYsKOBAXV5xZnf2LkijSc2Fx8R3bizT066zS0EDLuvfQ0LsnOZlcRSi7jjIzgf8FywuZTQxwglAEEjgGi/lvnY205ecZC2ghzTbWTD19savBjrdAg5qDD7kKbDdfuA/7mrGXJuY6lkFklRN0qkueuHYGXmCxrME+Ma8IJLp+2aXutpHVeaM4nazUKAPmqwpG8U3/BlmUiCvRFVcEtN9Sy5KJOr6BOQ195HT7KqjC16jHHcMn5D3lPxgiCthwa7KwbPgJMVcWoCxqSHtZ8iwLZ2q0VYRLWnhxCUoRnOmsLXxVkjvXHq076GprRUz2V8EO1h9X9kiLZ/d2o6R9cOseGl/Qifm0oBk8ex6yP2Sm8Ki3uBNZS2IwTHK+ZojW8UZcegTOU8WGFY5PhrwQMM/rQmuKz63sZcUBwrX37MJuncKBfNRgyjwJLgSpdWoGACkBgN/JDGzaCo+OclpS292gn/oforOUkPb4IHnqLAInJ58/3yRAkZ7pxhre+h6FAUr/FsYGBWWwcsNyNEZoLyoxMPsjMEotRs/xGVjUh+qzM/Hdw7F7ugMIYLli2/9aHArFBY=
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
x-amz-date: 20240313T144301Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJWXULO7GL/20240313/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=4a5ba13d2b077bef41437624a15c93e99cb195bd947051cd292370d11853d3df
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3571
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: a271a80d-3870-4477-aff3-7da0d2358edd
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: Uko6YEtHjoEFaVg=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate, max-age=86400, private
cf-ray: 863ccb3d1da95b9e-FRA
x-amzn-remapped-date: Wed, 13 Mar 2024 14:43:01 GMT
expires: 0

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 215ms
75ms Preflight
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 863ccb3c9d425b9e-FRA
content-length: 0
content-type: application/json
date: Wed, 13 Mar 2024 14:43:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: Uko6XH7OjoEF_xQ=
x-amzn-requestid: ff9d57c2-29e3-45e4-ba8c-3fef82fd1b72
x-content-type-options: nosniff

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 36ms
35ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F9735415140206953154&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML9UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&f=0&j=&t=1710340981007&de=366640693872&cu=1710340981007&m=48&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6541&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A2027%3A2027%3A0%3A2009&as=0&ag=17&an=0&gf=17&gg=0&ix=17&ic=17&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=17&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=33&cd=0&ah=33&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&bo=22316126855&bp=22339874915&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=633572766&cs=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:01 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 13 Mar 2024 14:43:01 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 98D3 62 B
254 B 48ms
47ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&pv=1710340981230_q2xub76rd&bl=en-us&cb=1648012&return=&ht=&d=&dc=&si=1710340981230_q2xub76rd&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&v=2.6.1.139
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1322024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:01 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 98D3 20 B
482 B 577ms
184ms Script
application/javascript 54.236.93.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=1322024&v=2.6.1.139
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?1322024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.236.93.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-236-93-95.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Date: Wed, 13 Mar 2024 14:43:01 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Thu, 14 Mar 2024 14:43:01 GMT

GET
H2 200 nr-spa-1.252.1.min.js Show response
js-agent.newrelic.com/ 88 KB
29 KB 90ms
26ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.1.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1be35be349acf2eed9e22ca06e4a042b15f82a1506d6ababa2235a08f2d4bee

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

x-amz-version-id: ciptB62sl7SaNWeoDBMhMlqfL6TVLqLw
content-encoding: br
via: 1.1 varnish
date: Wed, 13 Mar 2024 14:43:01 GMT
strict-transport-security: max-age=300
x-amz-request-id: ZVTPFVPQKDZXEJTK
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29589
x-amz-id-2: QYvKidf4agSR4xswrqvy+CqSoHWkjS/UMbOxFlWi+oFyvBxkTpL0vL4j86OVIT3Lf8MVkt/Kic0=
x-served-by: cache-fra-eddf8230132-FRA
last-modified: Mon, 04 Mar 2024 15:07:39 GMT
server: AmazonS3
etag: "c273af66fb45b900bf5af84103446051"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 768233

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 71ms
71ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202403070101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bef57073ec5b1447dc0c71974b900f8328e7c7bc50431bf6bab303edc71606bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12403
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
37 B 76ms
54ms XHR
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-9484595466fb5473----1710340981815
traceparent: 00-4907f38d7dfcef972c0b49937dcdf9e5-9484595466fb5473-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiOTQ4NDU5NTQ2NmZiNTQ3MyIsInRyIjoiNDkwN2YzOGQ3ZGZjZWY5NzJjMGI0OTkzN2RjZGY5ZTUiLCJ0aSI6MTcxMDM0MDk4MTgxNSwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 863ccb40686c5c2c-FRA

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
160 B 75ms
54ms XHR
text/plain 2606:4700::6812:6f2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6f2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-8689368aad63f25e----1710340981816
traceparent: 00-b168f4d434341114ddb6a654c35bfb55-8689368aad63f25e-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiODY4OTM2OGFhZDYzZjI1ZSIsInRyIjoiYjE2OGY0ZDQzNDM0MTExNGRkYjZhNjU0YzM1YmZiNTUiLCJ0aSI6MTcxMDM0MDk4MTgxNiwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 863ccb40b8b45c2c-FRA

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 13 Mar 2024 14:43:01 GMT

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 48 B
557 B 132ms
48ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.1&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=4231&ck=0&s=879613aad168bc33&ref=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices&hr=0&tt=e82d0bb8854888e5&af=err,xhr,stn,ins,spa&ap=149.718873&be=1773&fe=2350&dc=294&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1710340977690,%22n%22:0,%22dn%22:19,%22dne%22:19,%22c%22:19,%22s%22:41,%22ce%22:69,%22rq%22:69,%22rp%22:1773,%22rpe%22:1777,%22di%22:2009,%22ds%22:2067,%22de%22:2067,%22dc%22:4121,%22l%22:4121,%22le%22:4123%7D,%22navigation%22:%7B%7D%7D&fp=2026&fcp=2026
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Mar 2024 14:43:02 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-expose-headers: Date
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: cross-origin
Connection: keep-alive
timing-allow-origin: https://www.darkreading.com
Content-Length: 48
x-served-by: cache-fra-eddf8230085-FRA

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A478 13 KB
5 KB 23ms
23ms Document
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2044
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 14:08:57 GMT
expires: Thu, 13 Mar 2025 14:08:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A2A9 829 B
1 KB 91ms
34ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e9246e3440c5a6b94ac5a3901ba7c5812932071ee331f795702d631a3b1f07f6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2t6OQ_zx0d7zI5bGJa9s1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-2t6OQ_zx0d7zI5bGJa9s1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Mar 2024 14:43:02 GMT
expires: Wed, 13 Mar 2024 14:43:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 98D3 42 B
64 B 60ms
60ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssAEbX4S8pA9zz8t0GK4_o2hIRMUPRdQIHq7aE-XlXEE1V9k-bguZo56tOcNInd5qC_gyNSHP1fPcEmBKLiEU3oWDYkCi7CH1u5MWlZW6ZISdQNPUDsJYPlYbqkWAegVroXdgvN7Yx557leei-e_dZf09zFki3tWq5d_2o7rg&sig=Cg0ArKJSzM5T0mD4AW4fEAE&id=lidar2&mcvt=1000&p=249,436,339,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240311&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1135712129&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=627378000&rst=1710340980767&rpt=169&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Mar 2024 14:43:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame A478 39 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 12:17:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8747
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Mar 2025 12:17:14 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A478 0
10 B 21ms
20ms Image
text/plain 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hbZZQw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Wed, 13 Mar 2024 14:43:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A2A9 0
0 52ms
52ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202403070101&jk=3685343198039971&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/events/1/ 24 B
346 B 33ms
32ms XHR
image/gif 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/events/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.1&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=4400&ck=0&s=879613aad168bc33&ref=https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices&hr=0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 13 Mar 2024 14:43:02 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230085-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 47ms
46ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML9UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&f=0&j=&t=1710340981007&de=366640693872&cu=1710340981007&m=1215&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6665&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2027%3A2027%3A4123%3A2009&as=1&ag=1187&an=17&gi=1&gf=1187&gg=17&ix=1187&ic=1187&ez=1&ck=1187&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=17&ci=1187&jz=1003&dj=1&aa=1&ad=1087&cn=0&gn=1&gk=1087&gl=0&ik=1087&co=1087&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=33&ah=1003&am=33&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&bo=22316126855&bp=22339874915&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=1590270432&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 13 Mar 2024 14:43:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 36ms
36ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML9UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&f=0&j=&t=1710340981007&de=366640693872&cu=1710340981007&m=1216&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6665&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2027%3A2027%3A4123%3A2009&as=1&ag=1187&an=1187&gi=1&gf=1187&gg=1187&ix=1187&ic=1187&ez=1&ck=1187&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=1187&ci=1187&jz=1003&dj=1&aa=1&ad=1087&cn=1087&gn=1&gk=1087&gl=1087&ik=1087&co=1087&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&bo=22316126855&bp=22339874915&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=1316143632&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 13 Mar 2024 14:43:02 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 44ms
44ms Image
image/gif 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=17&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t7RZ.%5BMhS%3A15.snxNz3%2B1bmlLntoDUj%7B!%3CFeid%5BOV%7C%2B2x%3D(%3Ce7%25tDkkcRYG%3EZcTOc9!x%5E%7D%2Cap.%3E%25.s)yeA1%7Cu%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ2M3%3C%2C%7BK%24t!.xPmej%24le31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-ML9UUZTTfLdd1xZPfUWeGV63nryfnddNoipOGLOPg%2Fj24vrl5%2FmliBNlAlwWxmRnpyWz&rs=1-93xD4bI%2F0rYACQ%3D%3D&sc=1&os=1-kA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&id=1&ii=4&f=0&j=&t=1710340981007&de=366640693872&cu=1710340981007&m=1216&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6665&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A2027%3A2027%3A4123%3A2009&as=1&ag=1187&an=1187&gi=1&gf=1187&gg=1187&ix=1187&ic=1187&ez=1&ck=1187&kw=1003&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1187&bx=1187&ci=1187&jz=1003&dj=1&aa=1&ad=1087&cn=1087&gn=1&gk=1087&gl=1087&ik=1087&co=1087&cp=1003&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=1003&ah=1003&am=1003&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=80029947%3A3265433495%3A6405657777%3A138467621098&bo=22316126855&bp=22339874915&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339874915&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339874915&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=1968925105&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Wed, 13 Mar 2024 14:43:02 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Wed, 13 Mar 2024 14:43:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202403070101&jk=3685343198039971&bg=!dHeldzjNAAZsmiNCTJo7ADQBe5WfOF43arW9vTNYimm1RAJI8XVHMwaQ3jU8rfTgNIPry4-IOSAYYOS0y5lTi_hx_kVaAgAAACVSAAAAAmgBBwoAcoOmCnBVONx_nys5-k_9jcJ42-SEYpRKZbOQQ-uyTQ9SBNo27l-alAAvxZWM1Xzhzukg5g-KOiKxZx7-R877DeJcLeXKg20BBN1Nz43sQPaXiPglfPhQLXrRNRlh-KUJwojA2VD1-o-cUXzWg9CokIZAm5kCwVdOZ0UpuItoSq81-SF_hQChFV_EqOlu4KF4C9jelXi_50xjg-6P0mY-oNJWDWJz8BScUp5q3JMWyIHektbisO53BoHvtcYjJXMS1jl1VJBL1P90Age6wmi-PYaxTHyDISVGz6t87SzCm4Y4ILUMgJfZtR6Xezmj4Bsw2A8v9hbASIWmWDARrTUA6MUABiP1-K0R45TYR7nKEtTWbP7vTX4oL4-FvuzhaOO_ps8Ix_RYd-187gpw4oatmM7eblAl4SRDyQ6-gP4sapkzzt8eeMuTAHbthnXBwwAhX-fWIAlTS9ckGVLhzizyJkGF6MDIp3jL14twQdiXkMTDsjJYabjK6ionVuQXBW_mFTb0AF5ZFv30ksMWgGjI8npGbOW_PESw2vewxoAsxYNYZayVQonspw31Fw-z2EapO8K3hHXaCT1Ysj_U6dKMf8DGE_8ZdxwkxzSxijgXykG0SErfc_yFGUE_G0esswxdQtg0gfvkB9KAlvBKkbre8rSso0Kt4gqdLmSVda48b-9lpXt6bqowqp2G2Xd0BoQ3RIINYP12Xhbri1_o3j6-pSA3L6k7W8gxrgn0QMySLajssR99W_51yYdFt-addhyBefpdMNEwEuDeh_CQK3JHfeekTn1lBqU1zopp9KW9oL1LqcKk_UrVmRFo_flWogPLuuk39b74QDscxKIJFTPt9aeq1X8jdqEsqAG1tE4AHHb_Xnk12q6gXqrRKaTVNxgggN4Xxjt2FR_QwNgEclsQTC-TEDaJl1VxMAjOA23kAtcm4oauA5SX3hQ1y_ElRXHEecVj1lYDlOQFz8MJd1WJoCdXGjYgET5BTZFHE_DsRsEZZah7CbIJBK3fq-WqghNVX_eJMx0HX_E3wBYBHDaL5mEvmZfu1VDRqOWeRrck8uKsSLYbbLTzmpspskVBv7d7lHFmBFLFxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

70 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 19:05:42	Name: __cf_bm Value: ZPrAg8hsGcu4NfVyeDylPK5aSzzk2p6_7XT93PDhD3c-1710340979-1.0.1.1-2PwYTCi7RX7n03QM7ugehAbfDwfBx5wyTGoqpACXKFJmnKcHRiyqH944_r1GgHC.eudkQUMxuc4MT7ScyRCIhw
.darkreading.com/	1970-01-20 21:15:16	Name: _gcl_au Value: 1.1.770699488.1710340980
.darkreading.com/	1970-01-21 04:34:28	Name: _cb Value: CakmzYpdXenCgSFeY
.darkreading.com/	1970-01-21 04:34:28	Name: _chartbeat2 Value: .1710340979987.1710340979987.1.BJ8WlLC6_N4-DvN3QXBgjcggC8zyQz.1
.darkreading.com/	1970-01-20 19:05:42	Name: _cb_svref Value: external
.js.ubembed.com/	1970-01-20 19:05:42	Name: __cf_bm Value: 2R2uQB3tOh9AhEvYKot6XPJkT_Y2oWdBrFnYJ6H_ohA-1710340980-1.0.1.1-.iaYjPZ.dUozn08kb2ReTmeXx6zTnaR.rS5PHcxsb.WQfHH.FNQZ4DFFW7t7P0UmhZKs5lb866dg5iIFt33X6w
.darkreading.com/	1970-01-21 04:41:40	Name: _ga_1X1EHQ3PFR Value: GS1.1.1710340980.1.0.1710340980.60.0.0
.darkreading.com/	1970-01-21 04:41:40	Name: _ga Value: GA1.1.402851684.1710340980
.darkreading.com/	1970-01-20 23:24:52	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Mar+13+2024+15%3A43%3A00+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=3e91ffa9-fab5-4d8f-8b60-21eed3d04104&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fapplication-security%2Fpixpirate-rat-invisibly-triggers-wire-transfers-android-devices&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-21 03:51:16	Name: _hjSessionUser_2610568 Value: eyJpZCI6Ijc1MmE5MTUxLTE4NGMtNTk3ZC1hNDM5LTNmMTk0YWVhNDhlZiIsImNyZWF0ZWQiOjE3MTAzNDA5ODAxMzEsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 19:05:42	Name: _hjSession_2610568 Value: eyJpZCI6IjY2YTU0ZTVkLTljNjctNGFjOC1iMWJhLWM1ZjQ4Zjk1Y2QyNCIsImMiOjE3MTAzNDA5ODAxMzMsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.darkreading.com/	1970-01-20 19:05:42	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 04:41:40	Name: _sp_id.94c4 Value: 01c0777f-6d08-456f-9acf-8c9448dffbdf.1710340980.1.1710340980.1710340980.b7f21831-22d7-4f09-b321-d1b867b245aa
.darkreading.com/	1970-01-21 04:41:40	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 04:41:40	Name: _td Value: 711b1ac0-3564-41f3-b747-89b121028e9c
.in.treasuredata.com/	1970-01-21 04:41:40	Name: _td_global Value: 9584fb7c-c45e-48ef-8f83-e8462101a25a
www.darkreading.com/	1970-01-20 19:07:07	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.darkreading.com/	1970-01-21 03:51:16	Name: sp Value: ee3b1b45-5c5d-4979-ac74-6a9c7780420d
.darkreading.com/	1970-01-20 23:24:52	Name: __eoi Value: ID=9c00b2c7ac27c2b3:T=1710340980:RT=1710340980:S=AA-AfjYYWHexsr0iLCRfZcNXDUWg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/application-security/pixpirate-rat-invisibly-triggers-wire-transfers-android-devices Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fd14cb810bcd79bcb390fe953904511a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.darkreading.com
www.google.com
www.google.de
www.googletagmanager.com
www3.doubleclick.net
z.moatads.com
108.138.26.31
13.32.27.107
13.32.99.18
132.226.214.62
151.101.66.137
18.198.248.132
18.214.208.237
18.245.86.118
18.66.97.49
185.221.87.23
2001:4860:4802:32::36
23.35.237.151
2600:9000:2646:fe00:18:1fcd:353:c61
2606:4700:4400::6812:2089
2606:4700:4400::6812:2595
2606:4700:4400::6812:27b5
2606:4700::6810:5049
2606:4700::6812:6d2f
2606:4700::6812:6f2f
2606:4700::6813:b234
2a00:1450:4001:806::2002
2a00:1450:4001:808::200a
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2001
2a00:1450:4001:813::200e
2a00:1450:4001:81d::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9b
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42:400::649
2a05:d018:94a:8a02:e226:8b23:c1ec:bcc9
34.117.77.79
54.236.93.95
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
01f72131ddc7f6e363115621b63a62591aa77c98e1c5f30927c0660adca0888e
04b173010c4558c5eda3eb8fe73e09bca28e8423a90ab8700d294165da64d7be
0585c17865b250df20a5c5dbf25274d44443f26d24ed58bbe3215dd54dd864b1
093e0be5a6bd61e6a7a47709285d0645ea419ed77cc671e36997d2134844d317
0a44d4269d81abf38c5d19171739cdfec3ee9b33042490bd49584c4c5819eba1
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0cae0c401ab925a346fa1374d27b0e40c9002818ebfd40d34d63c289850aa7df
0d841b9e30e99e64aee11f2f33e62c0b53ada7804ecf4fe685abc092c291bfb6
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a
1362703286b603b1fa5632254b1e0e15b2a4093cd206e89ca927cae5d1d9b374
183959399e0b22aeb7e61d320057c3ec1c71429e806b7f8ac9a6a55c923e7b5d
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1895c960f7e7ec14b2d519359ecefe5341093eab6e515e3879f7c9a1f36d6d30
1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7
1a2f49c652e2f5b17601342d1279bf695e8b875ed0740bbe9adc1c2ae695afb8
1dbcf27f196a314b9436ec98ee5eb4cc45e161db7e221a9d7cad1e357bead673
1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28a9b7206dd22037dac819e4f09765836a31de17a8eb24c35b72d14e16ec6bb7
2953a341b436dedf351d2d43be5d2f05ddf56bfe394a5ad7c10a368dde3ee640
2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c
2b529d67152563a2f67b7afbfd6b4fa974e7b16d1c060353b347a6f98378d986
2bb6313879a2dbd651cb5e64cb9a1a001909f1895afaa3999f982073f6fce35b
2d198b7bae15cbf8ca6772395a09329b8173827ce04556b06a4682aaf0788b78
2d3909703deaeaa1a3469bac80ebc359ab469070aaee183731fc24c0ebaf9f47
2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3642fff96c79ce09bbb6b174373279b6c5c4cf27271ae371a9c20d3176db8f46
365541df37d0e7336234d0a3eb12b22b00c9ae4a776bd6287e452bac10b2f57e
3969275e27c6d5620dfc35c2c082ad39c755b4a706b533c11da5770adb01bbfd
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
3e41b4b05bdcccb0da8ec37f77e2ef63db46cc8184ce8acaef48b85861608eb8
3e9578d920c94709371fcdac34c6223e332c0b97b10e1ac73a15631f36cff77e
415a1d823405bc47df78891b9f8407a751c139b2fd732a47092e01e3062035f8
41e668dd7cfd6e434fdae0c94fe7197595609925400f481fd5bac1c7b85ac3af
421f42d1b8aa0245a58289f8d638468b08f5245a848eeb1d9ca3a18d39bc2bf7
443d2de9952c7118e93da58a19a56af1cf2527597a3bd2d7e20893faedc93365
46532f65ff54c2eb734aa7e9fa4bddd0bff56632b34118d4b2efcfd6e0efcfdb
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
478eb4fd665d0c4ded105ec9faf443448a0f5a821b882df7e7031760b7460425
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
4b4dae2fa65bc41f704d27df41d926d1aaf9eceec2f44f055e8a1d67ff5c4a20
4bf9ae2b1c3d54d70b711ca8248c523a8d8c06fd38dfb9a778f26dd522d8a82d
4c5dfe34d5f38b0af5740091a34d340d1f79abd9568bde3d233e8277067d0703
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
50a972d69593c022b2aaf4f3ab89aa5e25bfefa6351fb808e3e0f3f4c4d3a9a6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
58989addec2b23a52581d08bf717d6e0e78ed2063229d9035f44f895eb1b1c79
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f
5d65dd16eb85aeef98f61ec4254f0ae517343399f006b5e821793f7d131fe5d4
5e5ffac1e6032589bbaab5ab71d9b65d30a3e1db77fea2e78e455a2971f6af08
5f3a169d77b4aa03aff5d585021444dcfa7ee194a70607f5b9395b93ac705c60
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
60ec36859b6a7c99ff34d673b7a595fa3affdd4e27798ba81b21c5059bf3296b
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
64f57e11505d9153e001258ad9d23d655613b433b2139adef3d4affa03e25e55
65d1d7d68ec29435497fc67c21997ad9f372e6e9b8be04977101d79429d831d2
67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e
6d5e93201588b93ce0417a6243dd4ecbb873acf7683301e0302b3ea35263efe4
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d
78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906
7b1e2858103af71683d15ee4d19330b075aeb35f103e4d878bd20c4120431864
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7c0b62c6c892374bc0cc4d52b350dbc0ec55ae14367f23c9a4eb5642bafe37dd
7dbc67cc14a4a09a538318699a94188c9e39b42c12e134170462c5252d0671f9
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
810ef2f54bab5a44d50a0db5a96fcf3ed42c9ef218b937be4e5f0f375453fa6b
81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde
825f6b61f96bc43809abd30cab948309377449c379a6f973c582f5d28bf267ab
826797a91d444259bd33fb9044d4053a04d5959a22388be0b30ce94f5b7abedd
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
87dfb6a24d6a28ae43bc4171330e3762c849a146c3eaf84a63299147c843aed2
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
899399c4549a52521fd59cfeed273f862286fac41219f6ad0e9560b3440572c7
8a33bf19b3eefc1bb1e9f944fd3cc6291048918d30cc9f13a31ae0b25b96d47b
8d45f36fddebccb6e44da45a7b867ec665175308988dca2b33f209e3a7b9e386
8e9a49cfbe04a98c8377001d92f1edd420226e312a150eab1273e36f79914f37
90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83
925b720471ac84776a2e6c8f7bcc0c595fde5bf6bd04b0716bb11b137e5f9d43
958df270928e54a1b4aed023a148d72f95b6e1a0c4747ac97bb7fd3655fa473c
963b5d457ebb5ccce695884037900e0406851975cde1b12c52fafc4c031099c3
9accf6b25643a8347224bbcdd2713716e394603a21af24798b81615b94d9d405
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a1be35be349acf2eed9e22ca06e4a042b15f82a1506d6ababa2235a08f2d4bee
a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27
a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944
a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1
ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
b3a84eb18cc701d091fc13f892801e1de269c0e1c71aa3a07c1da8222a58e46d
b3a87df9271496c06304e181a7349ee8f466bf3aec2594604cddda621ed5e014
b4a725979acb1681a72265c90e68ae931853303505fb9e883bf7fe8e499a66df
b4e3310a15f2d2866391c1d75ba8da0452301a4a5a9d55ae462f84f6f37237ce
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
be7ae15b5f90bc66f452898fad399e264e5ef8c8f1e288b0c6689dfed08fe0f2
bef57073ec5b1447dc0c71974b900f8328e7c7bc50431bf6bab303edc71606bf
bf0cf805d7837a3df42f3afaa50296ccadc3f2ef16f16011a658bc7375184c42
c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c7e12e312a860642114d130c0f90c03f1845b9a874edae82e7489d55d4ec7892
c7eecc42aaae1307d934ee4a0255ba91074704cc6a9af55f2df61d0a29c3f66f
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
c95f14b0ff8aa78dc5fec09bbcd92b9f3e4861e6b93eaec291573d4ab26f87a9
caf9117b55ac11b08fad4eafdb495e104d1b656f4adb617a56285e8dd21a93ba
cdeb6d3b087fef0f74344d12f89b01a5bbe744969d6fbdf41c003dec5a8dd018
ce85dfc16c30b2f6141531a0d895a9a16b3d28b536441c314acd65f4cfefb8e1
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d257edf8980fc60e35e80abde2e8a425a3e6a79bff53b5cf77a772856841251f
d85e4dcb52ce714c7136eb95a32765325205a4aabdb51932bd9024c400be665d
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792
de1fa8738ea69b587d6c581d17fda6da21b04c21e65595bdd1971b8a681c63db
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e191f704e16d6d94a51162c18a2fa3298675cdff2f7674f5d93f56433834293d
e325a7450fd451b40103963f030bd5b18c52da364be883e87d366d78a7f1d2d4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ccb7bcf8e72fe4e720be101ba8daec8d9f90b7fbd3bf4fc3421b8f11f50d1f
e9246e3440c5a6b94ac5a3901ba7c5812932071ee331f795702d631a3b1f07f6
eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148
f3a9f4028914c7a579e12ad8abe84e5d6f12cce4166b612743f941726688c1c5
f3e271b44a4874258fc6302e7996e949e760208bc02850938bb38a9ad626f2c4
f40e17e4af4d3a35e401e0c0dd9a7cf96ce8cb9413b311c2c2747c74cb6a8a30
fa3a98c1bb392bfed6ddb76311f3f8dddaf2dd436663c38613e066a81314bfb1
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc968a94886e49c075569cafadd25b9b21b2ba42bcac9114bb2586c57683f7eb
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

www.darkreading.com Open in urlscan Pro 2606:4700::6812:6f2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

186 Requests

99 %HTTPS

64 %IPv6

25 Domains

38 Subdomains

37 IPs

5 Countries

4122 kBTransfer

9150 kBSize

19 Cookies

39 Outgoing links

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6812:6f2f Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

99 %
HTTPS

64 %
IPv6

25
Domains

38
Subdomains

37
IPs

5
Countries

4122 kB
Transfer

9150 kB
Size

19
Cookies

186 HTTP transactions
3 data transactions