www.kaspersky.com Open in urlscan Pro
185.85.15.47 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/rXfiP4pqka
Effective URL:
https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatg...
Submission: On October 15 via manual (October 15th 2024, 11:41:41 pm UTC) from SA — Scanned from DE

Summary HTTP 106 Redirects Links 72 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 31 domains to perform 106 HTTP transactions. The main IP is 185.85.15.47, located in Germany and belongs to KL-EXT, CH. The main domain is www.kaspersky.com. The Cisco Umbrella rank of the primary domain is 225822.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on March 14th 2024. Valid for: a year.

This is the only time www.kaspersky.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.85.15.34 185.85.15.34	200107 (KL-EXT) (KL-EXT)
36	185.85.15.47 185.85.15.47	200107 (KL-EXT) (KL-EXT)
10	77.74.178.40 77.74.178.40	200107 (KL-EXT) (KL-EXT)
1	185.85.15.31 185.85.15.31	200107 (KL-EXT) (KL-EXT)
2	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
2	18.203.183.110 18.203.183.110	16509 (AMAZON-02) (AMAZON-02)
1	34.248.127.197 34.248.127.197	16509 (AMAZON-02) (AMAZON-02)
2	63.140.62.17 63.140.62.17	15224 (OMNITURE) (OMNITURE)
1 1	52.18.168.199 52.18.168.199	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2606:4700::68... 2606:4700::6811:f8cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:1268	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:350... 2a02:26f0:3500:10::210:a9a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a04:4e42:200... 2a04:4e42:200::396	54113 (FASTLY) (FASTLY)
2	2620:1ec:33::10 2620:1ec:33::10	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.209.37.110 52.209.37.110	16509 (AMAZON-02) (AMAZON-02)
1	52.50.176.83 52.50.176.83	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.43 18.66.102.43	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
2	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
1 3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
1 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	172.217.18.3 172.217.18.3	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2620:1ec:bdf::64 2620:1ec:bdf::64	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.247.200.225 34.247.200.225	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	4.153.129.168 4.153.129.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
106	35

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.34 (Germany) 1 redirects

ASN200107 (KL-EXT, CH)

kas.pr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 185.85.15.47 (Germany)

ASN200107 (KL-EXT, CH)

www.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 77.74.178.40 (Russian Federation)

ASN200107 (KL-EXT, CH)

content.kaspersky-labs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api-router.kaspersky-labs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.85.15.31 (Germany)

ASN200107 (KL-EXT, CH)

media.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

sgtm.kaspersky.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.203.183.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-110.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.127.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-127-197.eu-west-1.compute.amazonaws.com

kaspersky.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.17 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net

otr.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.168.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-168-199.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f8cb (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:1268 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.gbqofs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:10::210:a9a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:33::10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.37.110 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

track.omguk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.176.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-176-83.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-43.fra56.r.cloudfront.net

js.go2sdk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

s.retargeted.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

sgtm.kaspersky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

pixel-config.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (San Francisco, United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

12346775.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.3 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::64 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.200.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-200-225.eu-west-1.compute.amazonaws.com

c1001.report.gbss.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 4.153.129.168 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

b.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	kaspersky.com www.kaspersky.com — Cisco Umbrella Rank: 225822 media.kaspersky.com — Cisco Umbrella Rank: 290794 otr.kaspersky.com — Cisco Umbrella Rank: 496101 sgtm.kaspersky.com — Cisco Umbrella Rank: 489097	888 KB
10	kaspersky-labs.com content.kaspersky-labs.com — Cisco Umbrella Rank: 465301 api-router.kaspersky-labs.com — Cisco Umbrella Rank: 454452	11 KB
6	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9307	3 KB
6	gbqofs.com cdn.gbqofs.com — Cisco Umbrella Rank: 6984	211 KB
4	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 321 px4.ads.linkedin.com — Cisco Umbrella Rank: 6828	2 KB
4	doubleclick.net 1 redirects 12346775.fls.doubleclick.net — Cisco Umbrella Rank: 453129 ad.doubleclick.net — Cisco Umbrella Rank: 150 stats.g.doubleclick.net — Cisco Umbrella Rank: 136	2 KB
3	clarity.ms www.clarity.ms — Cisco Umbrella Rank: 634 b.clarity.ms — Cisco Umbrella Rank: 15923	28 KB
3	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4610	73 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 243 kaspersky.demdex.net — Cisco Umbrella Rank: 392617	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	3 KB
2	bing.net bat.bing.net — Cisco Umbrella Rank: 20475	462 B
2	reddit.com pixel-config.reddit.com — Cisco Umbrella Rank: 1994 alb.reddit.com — Cisco Umbrella Rank: 1330	761 B
2	retargeted.co s.retargeted.co — Cisco Umbrella Rank: 117759	32 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	74 KB
2	omguk.com track.omguk.com — Cisco Umbrella Rank: 49678	3 KB
2	bing.com bat.bing.com — Cisco Umbrella Rank: 348	16 KB
2	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1063	13 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	190 KB
2	kaspersky.de sgtm.kaspersky.de — Cisco Umbrella Rank: 464609	352 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3643	263 B
1	gbss.io c1001.report.gbss.io — Cisco Umbrella Rank: 181921	691 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401	510 B
1	go2sdk.com js.go2sdk.com — Cisco Umbrella Rank: 26209	4 KB
1	xg4ken.com resources.xg4ken.com — Cisco Umbrella Rank: 6638	4 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 784	14 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 797	4 KB
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 1371	490 B
1	kas.pr 1 redirects kas.pr	3 KB
1	t.co t.co — Cisco Umbrella Rank: 859	793 B
0	dwin1.com Failed www.dwin1.com Failed
106	31

	Domain	Requested by
36	www.kaspersky.com	t.co www.kaspersky.com
6	mc.yandex.com	2 redirects mc.yandex.ru cdn.gbqofs.com
6	cdn.gbqofs.com	sgtm.kaspersky.de t.co cdn.gbqofs.com
6	content.kaspersky-labs.com	www.kaspersky.com
4	api-router.kaspersky-labs.com	www.kaspersky.com
3	px.ads.linkedin.com	1 redirects snap.licdn.com cdn.gbqofs.com
3	mc.yandex.ru	1 redirects t.co
2	www.facebook.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	bat.bing.net	bat.bing.com
2	12346775.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	sgtm.kaspersky.com	www.googletagmanager.com
2	s.retargeted.co	sgtm.kaspersky.de s.retargeted.co
2	connect.facebook.net	t.co connect.facebook.net
2	track.omguk.com	t.co
2	bat.bing.com	t.co bat.bing.com
2	www.redditstatic.com	sgtm.kaspersky.de www.redditstatic.com
2	www.googletagmanager.com	sgtm.kaspersky.de
2	otr.kaspersky.com	media.kaspersky.com cdn.gbqofs.com
2	dpm.demdex.net	media.kaspersky.com www.kaspersky.com
2	sgtm.kaspersky.de	www.kaspersky.com sgtm.kaspersky.de
1	b.clarity.ms	cdn.gbqofs.com
1	region1.google-analytics.com
1	stats.g.doubleclick.net
1	c1001.report.gbss.io	cdn.gbqofs.com
1	www.google.de
1	region1.analytics.google.com
1	px4.ads.linkedin.com
1	ad.doubleclick.net
1	alb.reddit.com
1	pixel-config.reddit.com	www.redditstatic.com
1	js.go2sdk.com	sgtm.kaspersky.de
1	resources.xg4ken.com	t.co
1	snap.licdn.com	sgtm.kaspersky.de
1	unpkg.com	t.co
1	cm.everesttech.net	1 redirects
1	kaspersky.demdex.net	media.kaspersky.com
1	media.kaspersky.com	www.kaspersky.com
1	kas.pr	1 redirects
1	t.co
0	www.dwin1.com Failed	sgtm.kaspersky.de
106	41

This site contains links to these domains. Also see Links.

Domain
support.kaspersky.com
ksos.kaspersky.com
locator.kaspersky.com
companyaccount.kaspersky.com
tip.kaspersky.com
ksc.kaspersky.com
partners.kaspersky.com
press.kaspersky.com
careers.kaspersky.com
latam.kaspersky.com
www.kaspersky.com.br
usa.kaspersky.com
www.kaspersky.ca
afrique.kaspersky.com
kaspersky.dz
www.kaspersky.ma
www.kaspersky.co.za
me-en.kaspersky.com
me.kaspersky.com
www.kaspersky.be
www.kaspersky.dk
www.kaspersky.de
www.kaspersky.es
www.kaspersky.fr
www.kaspersky.it
www.kaspersky.nl
no.kaspersky.com
www.kaspersky.pt
www.kaspersky.se
www.kaspersky.fi
www.kaspersky.co.uk
www.kaspersky.cz
hu.kaspersky.com
www.kaspersky.com.pl
www.kaspersky.ro
www.kaspersky.rs
www.kaspersky.com.tr
www.kaspersky.gr
bg.kaspersky.com
www.kaspersky.kz
www.kaspersky.ru
ukraine.kaspersky.com
www.kaspersky.com.au
www.kaspersky.co.in
id.kaspersky.com
www.kaspersky.com.vn
www.kaspersky.co.th
www.kaspersky.co.kr
www.kaspersky.com.cn
www.kaspersky.com.hk
www.kaspersky.com.tw
www.kaspersky.co.jp
thesascon.com
xtraining.kaspersky.com
www.facebook.com
twitter.com
www.linkedin.com
wa.me
linkedin.com
youtube.com
instagram.com
kasperskyclub.com
community.kaspersky.com

Subject Issuer	Validity	Valid
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
kaspersky.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-14` - `2025-03-13`	a year	crt.sh
content.kaspersky-labs.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-17` - `2024-11-19`	a year	crt.sh
media.kaspersky.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-03-15` - `2025-03-14`	a year	crt.sh
sgtm.kaspersky.de WR3	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-25` - `2025-10-26`	a year	crt.sh
otr.kaspersky.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-13` - `2025-07-14`	a year	crt.sh
*.google-analytics.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
api-router.kaspersky-labs.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2025-02-05`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2024-05-23` - `2024-11-02`	5 months	crt.sh
unpkg.com WE1	`2024-09-25` - `2024-12-24`	3 months	crt.sh
gbqofs.com WE1	`2024-09-10` - `2024-12-09`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-12-13` - `2024-12-12`	a year	crt.sh
www.redditstatic.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-06` - `2025-04-03`	6 months	crt.sh
www.bing.com Microsoft Azure RSA TLS Issuing CA 03	`2024-09-16` - `2025-03-15`	6 months	crt.sh
*.omguk.com Amazon RSA 2048 M03	`2024-06-23` - `2025-07-22`	a year	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2023-10-29` - `2024-11-29`	a year	crt.sh
js.go2sdk.com Amazon RSA 2048 M02	`2024-07-05` - `2025-08-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-25` - `2024-10-23`	3 months	crt.sh
retargeted.co WE1	`2024-09-22` - `2024-12-21`	3 months	crt.sh
sgtm.kaspersky.com WR3	`2024-08-29` - `2024-11-27`	3 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2024-10-13` - `2025-04-11`	6 months	crt.sh
*.doubleclick.net WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2024-10-14` - `2025-04-14`	6 months	crt.sh
*.google.de WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
bat.bing.net Microsoft Azure RSA TLS Issuing CA 03	`2024-07-30` - `2025-01-26`	6 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
*.report.gbss.io Amazon RSA 2048 M03	`2024-01-28` - `2025-02-26`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-09-24` - `2024-12-17`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
Frame ID: 79655AB5B8F5F956AA1BE21905A5F790
Requests: 102 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 0E100E4143988C235B0117760F3CFE6E
Requests: 1 HTTP requests in this frame

Frame: https://12346775.fls.doubleclick.net/activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1
Frame ID: 72C11AC735F2C149851CACA857E084BC
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: D40D704CEEDC82A575694DEC13FDDCEB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kaspersky uncovers PipeMagic backdoor attacks businesses through fake ChatGPT application

Page URL History Show full URLs

https://t.co/rXfiP4pqka Page URL
https://kas.pr/waa1 HTTP 301
https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesse... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Optimise (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

track\.omguk\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

106
Requests

95 %
HTTPS

42 %
IPv6

31
Domains

41
Subdomains

35
IPs

7
Countries

1932 kB
Transfer

5727 kB
Size

60
Cookies

72 Outgoing links

These are links going to different origins than the main page.

URL: https://support.kaspersky.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://ksos.kaspersky.com/#/auth/layout/ksos
Title: KSOS Portal

Search URL Search Domain Scan URL

URL: https://locator.kaspersky.com/b2b/
Title: Find a partner

Search URL Search Domain Scan URL

URL: https://companyaccount.kaspersky.com/account/login
Title: Company Account

Search URL Search Domain Scan URL

URL: https://tip.kaspersky.com/home
Title: Kaspersky TIP

Search URL Search Domain Scan URL

URL: https://support.kaspersky.com/us/business
Title: Support

Search URL Search Domain Scan URL

URL: https://ksc.kaspersky.com/
Title: Cloud Console

Search URL Search Domain Scan URL

URL: https://support.kaspersky.com/learning
Title: Product Training & Certification

Search URL Search Domain Scan URL

URL: https://locator.kaspersky.com/b2c/
Title: Consumer solutions providers

Search URL Search Domain Scan URL

URL: https://locator.kaspersky.com/distributors/
Title: Partnership with distributors

Search URL Search Domain Scan URL

URL: https://partners.kaspersky.com/
Title: Kaspersky United Partner Portal

Search URL Search Domain Scan URL

URL: https://partners.kaspersky.com/login/
Title: Become a B2B partner

Search URL Search Domain Scan URL

URL: https://press.kaspersky.com/
Title: Press center

Search URL Search Domain Scan URL

URL: https://careers.kaspersky.com/
Title: Careers

Search URL Search Domain Scan URL

URL: https://latam.kaspersky.com/?ignoreredirects=true
Title: América Latina

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.br/?ignoreredirects=true
Title: Brasil

Search URL Search Domain Scan URL

URL: https://usa.kaspersky.com/?ignoreredirects=true
Title: United States

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ca/?ignoreredirects=true
Title: Canada - English

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ca/fr?ignoreredirects=true
Title: Canada - Français

Search URL Search Domain Scan URL

URL: https://afrique.kaspersky.com/
Title: Afrique Francophone

Search URL Search Domain Scan URL

URL: https://kaspersky.dz/
Title: Algérie

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ma/
Title: Maroc

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.za/?ignoreredirects=true
Title: South Africa

Search URL Search Domain Scan URL

URL: https://me-en.kaspersky.com/?ignoreredirects=true
Title: Middle East (English)

Search URL Search Domain Scan URL

URL: https://me.kaspersky.com/?ignoreredirects=true
Title: الشرق الأوسط (عربى)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.be/?ignoreredirects=true
Title: Belgique & Luxembourg

Search URL Search Domain Scan URL

URL: https://www.kaspersky.dk/?ignoreredirects=true
Title: Danmark

Search URL Search Domain Scan URL

URL: https://www.kaspersky.de/?ignoreredirects=true
Title: Deutschland & Schweiz

Search URL Search Domain Scan URL

URL: https://www.kaspersky.es/?ignoreredirects=true
Title: España

Search URL Search Domain Scan URL

URL: https://www.kaspersky.fr/?ignoreredirects=true
Title: France

Search URL Search Domain Scan URL

URL: https://www.kaspersky.it/?ignoreredirects=true
Title: Italia & Svizzera

Search URL Search Domain Scan URL

URL: https://www.kaspersky.nl/?ignoreredirects=true
Title: Nederland

Search URL Search Domain Scan URL

URL: https://no.kaspersky.com/?ignoreredirects=true
Title: Norge

Search URL Search Domain Scan URL

URL: https://www.kaspersky.pt/?ignoreredirects=true
Title: Portugal

Search URL Search Domain Scan URL

URL: https://www.kaspersky.se/?ignoreredirects=true
Title: Sverige

Search URL Search Domain Scan URL

URL: https://www.kaspersky.fi/?ignoreredirects=true
Title: Suomi

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.uk/?ignoreredirects=true
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://www.kaspersky.cz/
Title: Česká republika

Search URL Search Domain Scan URL

URL: https://hu.kaspersky.com/
Title: Magyarország

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.pl/
Title: Polska

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ro/
Title: România

Search URL Search Domain Scan URL

URL: https://www.kaspersky.rs/
Title: Srbija

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.tr/?ignoreredirects=true
Title: Türkiye

Search URL Search Domain Scan URL

URL: https://www.kaspersky.gr/
Title: Ελλάδα (Greece)

Search URL Search Domain Scan URL

URL: https://bg.kaspersky.com/
Title: България (Bulgaria)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.kz/
Title: Қазақстан - Русский

Search URL Search Domain Scan URL

URL: https://www.kaspersky.kz/kk
Title: Қазақстан - Қазақша

Search URL Search Domain Scan URL

URL: https://www.kaspersky.ru/?ignoreredirects=true
Title: Россия и Белару́сь (Russia & Belarus)

Search URL Search Domain Scan URL

URL: https://ukraine.kaspersky.com/
Title: Україна (Ukraine)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.au/?ignoreredirects=true
Title: Australia

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.in/?ignoreredirects=true
Title: India

Search URL Search Domain Scan URL

URL: https://id.kaspersky.com/?ignoreredirects=true
Title: Indonesia (Bahasa)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.vn/
Title: Việt Nam

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.th/
Title: ไทย (Thailand)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.kr/
Title: 한국 (Korea)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.cn/?ignoreredirects=true
Title: 中国 (China)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.hk/
Title: 香港特別行政區 (Hong Kong SAR)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.com.tw/
Title: 台灣 (Taiwan)

Search URL Search Domain Scan URL

URL: https://www.kaspersky.co.jp/
Title: 日本語 (Japan)

Search URL Search Domain Scan URL

URL: https://thesascon.com/registration
Title: here

Search URL Search Domain Scan URL

URL: https://xtraining.kaspersky.com/?utm_source=pr-media&utm_medium=partner&utm_campaign=gl_xtr-gen-pr_je0066&utm_content=sm-post&utm_term=gl_pr-media_organic_66jpzgkgnjbgdrn&redef=1&THRU&reseller=gl_xtr-gen-pr_acq_ona_smm__onl_b2b_pr-media_post_______
Title: Kaspersky online training

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application

Search URL Search Domain Scan URL

URL: http://twitter.com/share?url=https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application

Search URL Search Domain Scan URL

URL: https://wa.me/?text=https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Kaspersky

Search URL Search Domain Scan URL

URL: https://twitter.com/kaspersky

Search URL Search Domain Scan URL

URL: https://linkedin.com/company/kaspersky/

Search URL Search Domain Scan URL

URL: https://youtube.com/Kaspersky

Search URL Search Domain Scan URL

URL: https://instagram.com/kasperskylab

Search URL Search Domain Scan URL

URL: https://kasperskyclub.com/

Search URL Search Domain Scan URL

URL: https://community.kaspersky.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/rXfiP4pqka Page URL
https://kas.pr/waa1 HTTP 301
https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.everesttech.net/cm/dd?d_uuid=79396029470024192532371590788186398275 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zw79sAAAAEaTnwOV

Request Chain 74

https://12346775.fls.doubleclick.net/activityi;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1 HTTP 302
https://12346775.fls.doubleclick.net/activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1

Request Chain 78

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1 HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&e_ipv6=AQIOf157093LKQAAAZKSjvyq99tkCqFgn8f-HXSxpPiM18DKJdh6o9D2R7gM6IGuNg8ouuo

Request Chain 94

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10523.2J644E6OKg2BePaj7kT7IDT1O_ngfC0HsesVR28MtvfQBatui5gP8MdigIqZL954.NE71ffjdPoDaCo2cEN3k-ChFw3o%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=10523.QEZRsVl7AjDeERgGQdliwoSmdeWxIQVHPRn7adiONKmv8_RdYEsf9dP378gP9KnlZkErw2oT0-leV9HEDzWU__d9wBCojdb22Fuz8bF5AuuFoC_jcIW77FUz7VGf6s8a7kyGZ8fdvHu7cCJ2DXRAAz1085SaUMY9xxPFkytha8BbE6qcGV4xoT0irWfy6eMVZ8X9V3Nft6V4gMcZOMd-Jb9-UTNgj-1q0ydN3zdb-Us%2C.w3EImcyXxLevd1Z5ELF-F3w09Pk%2C HTTP 302
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10523.wF7WythnSs2eWLh7pLlXfNlwmfuhVQJpgWSTLasBW-x-ng1H49Awa5XIigmCVe5e8oalPzLxLfEy8n2OHakV8zVadZgNNw3px1-2Gda5r9WtiOd4hkFWowUWn3Dj7T050HOgHheqKkQh5fGsAXqHxMnzbzKIKMMZ25S0zbGYotowY39TrkMvv2wqHjd0vpGVuiAbhpMtfYiCR8QVHD04Mw%2C%2C.xAsdeQASABjDr6JxuP_QITH6w2M%2C

106 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 rXfiP4pqka Show response
t.co/ 212 B
793 B 158ms
140ms Document
text/html 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_o /

Resource Hash

5736a62a53828eff39724e387abc3a29f714dc6d9ea72bbfd36bdd94658b1b0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: private,max-age=300
cf-cache-status: DYNAMIC
cf-ray: 8d33a927e97c9142-FRA
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 23:41:35 GMT
expires: Tue, 15 Oct 2024 23:46:35 GMT
perf: 7402827104
server: cloudflare tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: ccf76ffd3a1b1eb3d29252c426d1fe319c527326551608dce098fff6b88644bd
x-response-time: 110
x-transaction-id: ed6a63d2737273e8
x-xss-protection: 0

GET
H2

200

Primary Request kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application Show response
www.kaspersky.com/about/press-releases/
Redirect Chain

https://kas.pr/waa1
https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMa...

351 KB
74 KB

411ms
378ms

Document
text/html

185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / Next.js

Resource Hash

d656066adb8d0609526683c02e8c776d2a45f3efb28e98e836baaa4feb19b73a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://t.co/rXfiP4pqka
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=600
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 23:41:36 GMT
etag: "1k9wmoiyqk7oev"
expires: Tue, 15 Oct 2024 23:51:36 GMT
referrer-policy: no-referrer-when-downgrade
server: Angie
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cached: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-platform: siterenderer
x-powered-by: Next.js
x-proxy: fra2
x-request-id: 5cac5717fac776e73e5f31c6cf550886
x-server: MSKTCMWEB12
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400; persist=1
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
content-length: 1446
content-type: text/html; charset=utf-8
date: Tue, 15 Oct 2024 23:41:35 GMT
location: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
pragma: no-cache
server
strict-transport-security: max-age=31536000; includeSubDomains
x-powered-by: Kaspersky Labs
x-server: fr2/

GET
H2 200 common.328f728c5bdcd1bc358186e30ad1606d.css
www.kaspersky.com/siterenderer/_next/static/css/ 34 KB
6 KB 9ms
8ms Stylesheet
text/css 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/css/common.328f728c5bdcd1bc358186e30ad1606d.css

Requested by

Host: www.kaspersky.com
URL: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

92f0b7914baf79b9fd35926c4a2f2e933dac882dfea5a2620fb43f63a78c3e6b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 69b5173ccbfc8cc4200dd30e9cd42ff5
content-encoding: gzip
etag: W/"864f-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: text/css; charset=UTF-8
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 6738d212a9f22d77971eed8fbb3255c7.css
www.kaspersky.com/api/siterenderer/css/ 197 KB
31 KB 102ms
101ms Stylesheet
text/css 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/api/siterenderer/css/6738d212a9f22d77971eed8fbb3255c7.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

ecf0ea9cd48d08f9434e0f7059452ba055c62941d101966e8c5026f558fb62a7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 255dce1e7b40deb4ecd4acc771443eb2
content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: text/css
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 KasperskySansDisplay-Regular.f94abc02.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 49 KB
49 KB 103ms
102ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-Regular.f94abc02.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

f453d7bb5a2e85607c6352d45c7a5be89c3baddd0e9a13ca99e42a27e046ae93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 4ba405fa55cc7ebeba834dffce03d2e3
etag: W/"c208-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 49672
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 KasperskySansDisplay-Medium.1eb75ca3.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 49 KB
49 KB 108ms
107ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-Medium.1eb75ca3.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

b1fc9738970b7946c95e587842c44cad8f82bc593006a87b9faa3378e91ca96e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 98f53c262c109b83974c81e33bc54098
etag: W/"c2a0-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 49824
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 KasperskySansDisplay-SemiBold.c4b7fb58.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 49 KB
49 KB 109ms
109ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-SemiBold.c4b7fb58.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

a3d602cb463bf851d1804c5b7fb88ea6884b7ddbe239c31789cc0c37fb81ccdb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 9869b4f17cba370856474b772746b35e
etag: W/"c388-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 50056
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 KasperskySansDisplay-Bold.c5063c4a.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 49 KB
49 KB 111ms
111ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-Bold.c5063c4a.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

7ee5cd71bb444fcc52f4d9870470c9765f370af7d8d56112316d1da2c365096d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: a5b605837331efd5486618c0e4393b06
etag: W/"c3a4-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 50084
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 KasperskySansDisplay-ExtraBold.3d820eca.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 49 KB
49 KB 197ms
197ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-ExtraBold.3d820eca.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

236cf53b37c32b638e679825ae6c3a10519e9a5686205fb0dd02739581a5e8ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 6c8f2a4418c2a33074b2c16fde9f901d
etag: W/"c320-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 49952
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 commons.9ed8f2a34e80578c.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 407 KB
119 KB 83ms
79ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/commons.9ed8f2a34e80578c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

727c26cb2ad26384a9d898bac337bc163444b2e4374bc2d67592349fb017b561

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 8f31a84fb732ad0428885e0e7b6de28b
content-encoding: gzip
etag: W/"65a3c-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Page.Page.01ec02a436e7631d.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 473 B
843 B 84ms
80ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Page.Page.01ec02a436e7631d.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

b4d9ea2495c3e74cb980fd0ebc0e55a12697433372a8569c1f87365f2758d238

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: cdd765c53422f2639ace032c7098d4d5
content-encoding: gzip
etag: W/"1d9-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 6741.02fe08b1eae4eadf.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 30 KB
11 KB 84ms
80ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/6741.02fe08b1eae4eadf.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

d5a8e914b5473bc97399172800d3e0bbc1c21f0e8f3908eae0a54b06fffdc3fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: caf8cf6a43fd22c1da6447ca3a60f66a
content-encoding: gzip
etag: W/"771b-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 2225.7ee637cf530226e5.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 58 KB
20 KB 85ms
82ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/2225.7ee637cf530226e5.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

a4022f24f1b6f18ba43b046f2a062abc91ecfcbed07799abc7caab6b2f1f554e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: a2534eeb09dc1005054584f0df905b4c
content-encoding: gzip
etag: W/"e93d-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 layout.EmptyModernizationLayout.ce35e0b03849cc7d.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 1 KB
1 KB 182ms
178ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/layout.EmptyModernizationLayout.ce35e0b03849cc7d.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

49e13ee3649e65ad5e52f6c179486a2e2d4439aff526906228d931527d86bdad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 2cb59ed7f35a69c5b6c7708c0dafb4b6
content-encoding: gzip
etag: W/"431-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 4468.6e0896add7815d20.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 10 KB
4 KB 183ms
180ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/4468.6e0896add7815d20.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

7bcac2f13babd56a9bf9a412b32131296cab3168c150eb5baa6f4c451bb831f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 181ed9fc4e00ba810bbf0a1b016fed72
content-encoding: gzip
etag: W/"2710-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 6031.228e55e08f8d89b2.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 20 KB
8 KB 185ms
182ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/6031.228e55e08f8d89b2.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

c040cf25646dec3acaf9e23595fe095b35321d477995cc7db992c74d510973e2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 6458a8adf5fe2965491b9e1aa416b95c
content-encoding: gzip
etag: W/"5015-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Baseline.HeaderBBB.9be68f19e38ca04c.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 76 KB
23 KB 187ms
184ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Baseline.HeaderBBB.9be68f19e38ca04c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

2b9ada319495f3f5e77a132ff11a50f125b623457b952636fa86569a83d18b7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 042c0a94918a08d3bf24c9362ad1d1fe
content-encoding: gzip
etag: W/"12fdb-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Repository.ArticleBreadcrumbs.edebb8b3b0951e0f.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 1 KB
1 KB 189ms
186ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Repository.ArticleBreadcrumbs.edebb8b3b0951e0f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

7fdda5ddd8001e766bee42d7453e03559a1f1c6d7f83d215a9d0530c2734df77

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 3ff5ea6e19362ad14ad93af58f7dab38
content-encoding: gzip
etag: W/"56d-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Repository.ArticleBody.f4ec5c180ab3f8be.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 13 KB
5 KB 282ms
280ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Repository.ArticleBody.f4ec5c180ab3f8be.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

8fd091a2ebad5f0484ab5e2305a8a09ace24461a7d5a11bed0b7b467f1d42f9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 677f697102805ca246572ca983879568
content-encoding: gzip
etag: W/"32af-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 5383.6258e6afc599724e.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 14 KB
5 KB 285ms
282ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/5383.6258e6afc599724e.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

1c954b7f68732846a126fc9d1de0e512e5ecb5b969b29b17c52584d44787f614

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 51fd6d8cc4f189acff66e05074c49648
content-encoding: gzip
etag: W/"393c-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Baseline.BodyContent.1ffc6e622c90f0ca.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 719 B
988 B 288ms
285ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Baseline.BodyContent.1ffc6e622c90f0ca.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

e0ec54f4555ff0d104bede41ef1c87356f86dd9ab5a0cb92bf64c65edca2906d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 2840b95c66154ecbdcca04bbded6f6e5
content-encoding: gzip
etag: W/"2cf-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Repository.Share.40c8fd34e6ffbbca.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 2 KB
1 KB 290ms
288ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Repository.Share.40c8fd34e6ffbbca.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

0f178accba27f1301e705e3b5fa6be50b221d46c0b11d65767e45aed62c8d491

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 2fdc1747d1c1c2128f730a059e817385
content-encoding: gzip
etag: W/"792-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 8138.66e4f9ae6261bf4f.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 13 KB
5 KB 292ms
290ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/8138.66e4f9ae6261bf4f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

6549b0bd802384c2eaf17d2f7d58037ce1213a8f0c2c46dbe617f9ccc2a8f4f2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: dc090c99e8b6238bd1b5fde235c6c949
content-encoding: gzip
etag: W/"3564-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Repository.CategoryPreview.e2fd6d532f7ee4d5.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 6 KB
3 KB 381ms
378ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Repository.CategoryPreview.e2fd6d532f7ee4d5.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

9e4a708d0846160e708374e1d3f12627ce27f0b3391f59ccdce433b39838fd60

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 9946d9ff032066eba890d60381c963e0
content-encoding: gzip
etag: W/"16b4-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 1673.82d32c773d0e7f4f.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 31 KB
11 KB 383ms
381ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/1673.82d32c773d0e7f4f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

ef19b9d5458426390e1e42ca4ab00ab81ab3494878fe7c56b6000b6dda1ab742

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 3c39568f8c818eef728af42191eeb226
content-encoding: gzip
etag: W/"7b30-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 Baseline.FooterBBB.115661fa14acc68e.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 806 B
1012 B 385ms
383ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/Baseline.FooterBBB.115661fa14acc68e.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

094240e4f36bf27aceb9eb5b0ec574bffa4b3898b5eb5895cafd63913c0f62f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: c46c26c5e881ad118442a3baae6eb69e
content-encoding: gzip
etag: W/"326-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 webpack-fdd3c6fcbbe76833.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 22 KB
10 KB 386ms
384ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/webpack-fdd3c6fcbbe76833.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

2e85746adfc825e140d0e88733c9aac372e29b173f406890dcdddac6f4a3f17e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: a1ee2778ff5c9764a1c93cce274b78f6
content-encoding: gzip
etag: W/"5696-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 framework-f476093c6942983e.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 146 KB
46 KB 389ms
387ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/framework-f476093c6942983e.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

dd312f1ffc0d7531838f3b69bfefff3adee2f4acc469261a9137af1ee034af3c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 712b69d0f95882bb71fc67fcd924902f
content-encoding: gzip
etag: W/"249b9-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 main-ec7bf3e65abf31bd.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/ 106 KB
32 KB 481ms
479ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/main-ec7bf3e65abf31bd.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

48a38019b41ab7e60f0e709b41005447b37c6d84e2d9a75a0f7fdc720630a7c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: d99202799ffb6bebce075aa0f0f90642
content-encoding: gzip
etag: W/"1a690-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 _app-f1fccf9029a50980.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/pages/ 219 KB
65 KB 482ms
480ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/_app-f1fccf9029a50980.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

2ea680420fdb53bf6538088e6c701b32226f1538cca01fbeb3731c5c97752ce8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 45b1be77d9b042bfc2ea941008b34e11
content-encoding: gzip
etag: W/"36d4b-19243a50c18"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 30 Sep 2024 15:55:43 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 %5B%5B...page%5D%5D-f6d3b83558edb919.js Show response
www.kaspersky.com/siterenderer/_next/static/chunks/pages/ 121 KB
17 KB 485ms
483ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/%5B%5B...page%5D%5D-f6d3b83558edb919.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

0d55d0f69b01bd8d8aa56adf0f83191893d9df2e1d1cd39e7d8b6a2ec03657c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: c84ecf84dc0327c103e48e4465aadb94
content-encoding: gzip
etag: W/"1e4d4-192678ccdf0"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
last-modified: Mon, 07 Oct 2024 15:15:34 GMT
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 _buildManifest.js Show response
www.kaspersky.com/siterenderer/_next/static/dI7-e3kG_QB79tPH9sOvW/ 506 B
796 B 485ms
483ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/dI7-e3kG_QB79tPH9sOvW/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

4da5f22e1c8d729862c4edb8e50a87ae7c75dd06a452a90e18c097a907e14b5c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 5236475a484c30e199d3f851db6cc0bf
content-encoding: gzip
etag: W/"1fa-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 _ssgManifest.js Show response
www.kaspersky.com/siterenderer/_next/static/dI7-e3kG_QB79tPH9sOvW/ 77 B
581 B 484ms
483ms Script
application/javascript 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/dI7-e3kG_QB79tPH9sOvW/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 7099102a6f34fe91bb49e6dea0108bc0
content-encoding: gzip
etag: W/"4d-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 pipemagic-q75.png
content.kaspersky-labs.com/fm/press-releases/0f/0f32a2cd65efcb6168ac010587484ddb/processed/ 4 KB
5 KB 302ms
144ms Image
image/png 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/fm/press-releases/0f/0f32a2cd65efcb6168ac010587484ddb/processed/pipemagic-q75.png

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

cfc8c57315a84b35e30206c48d2538991cb96893991c97ea5988c794748f8b4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: e81f264aec1eb43318ec82362568d738
etag: "80841a137319db1:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: image/png
last-modified: Tue, 08 Oct 2024 11:13:17 GMT
x-server: MSK9
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4397
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: STALE

GET
H2 200 kaspersky-logo.svg
content.kaspersky-labs.com/se/com/content/en-global/images/homepage/kaspersky-logo/ 3 KB
2 KB 227ms
69ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/se/com/content/en-global/images/homepage/kaspersky-logo/kaspersky-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

814f6458d81ef30a5d67fe75f61a3ab41ebd1bd309363d1de94f7e1cc88c40fd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 18ccbaa70368dfb241f0800985b48f91
content-encoding: gzip
etag: "076e67c31ad51:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: image/svg+xml
last-modified: Mon, 03 Jun 2019 11:57:16 GMT
x-server: MSK9
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1561
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: HIT

GET
H2 200 facebook.svg
content.kaspersky-labs.com/fm/site-editor/2f/2f0a7404c547065a1fe6eb7754282ff9/processed/ 697 B
1012 B 240ms
152ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/fm/site-editor/2f/2f0a7404c547065a1fe6eb7754282ff9/processed/facebook.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

873dd00c62f6ac134a3fad5016d0921cdbd43a52c9f9aa4e6cd987e90aa3d2a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 75db521b87288e94169441c38935b39e
content-encoding: gzip
etag: W/"0c31921337da1:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
last-modified: Mon, 25 Dec 2023 09:16:14 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-server: MSK11
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: STALE

GET
H2 200 twitterx.svg
content.kaspersky-labs.com/fm/site-editor/ad/ad34ec646b386d1a3c8fccd270d58bda/source/ 596 B
966 B 238ms
150ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/fm/site-editor/ad/ad34ec646b386d1a3c8fccd270d58bda/source/twitterx.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

7816f7283252e8add34d3f954e7ec98dcc5f8f1887c21995da5eca810b11e52b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 97031be90c874e077d538f7e67994850
content-encoding: gzip
etag: W/"804a98cd034da1:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
last-modified: Fri, 22 Dec 2023 12:11:53 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-server: MSK11
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: STALE

GET
H2 200 linkedin.svg
content.kaspersky-labs.com/fm/site-editor/6e/6e58acdcfdbd7ecb043da3fc03848651/processed/ 973 B
1 KB 235ms
148ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/fm/site-editor/6e/6e58acdcfdbd7ecb043da3fc03848651/processed/linkedin.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

ef0d78292aef54da144a94dcb307a6a8fdafb55f95138d5ed68690f162635847

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 783108513b9054cca4c6cd94d73c24c2
content-encoding: gzip
etag: W/"808e92331337da1:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
last-modified: Mon, 25 Dec 2023 09:17:37 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-server: MSK12
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: STALE

GET
H2 200 whatsapp.svg
content.kaspersky-labs.com/fm/site-editor/5d/5d57477b76a23972f9ef486bf88a615d/processed/ 1 KB
1 KB 242ms
156ms Image
image/svg+xml 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://content.kaspersky-labs.com/fm/site-editor/5d/5d57477b76a23972f9ef486bf88a615d/processed/whatsapp.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie / ASP.NET

Resource Hash

fcc5d1b6fc914038230c64d5380b6018a885f57c1e7d76ee7e0ef1bd175f48d2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-request-id: 3e634bd4c1787a766ae8f0d33ef193f6
content-encoding: gzip
etag: W/"80b04299d088d91:0"
x-content-type-options: nosniff
access-control-allow-methods: GET, POST
expires: Wed, 16 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
last-modified: Wed, 17 May 2023 15:02:29 GMT
content-type: image/svg+xml
vary: Accept-Encoding
x-server: MSK12
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=86400
referrer-policy: no-referrer-when-downgrade
access-control-allow-origin: *
x-xss-protection: 1; mode=block
x-proxy: msk1
x-powered-by: ASP.NET
server: Angie
x-cached: STALE

GET
H2 200 s_code_single_suite.js Show response
media.kaspersky.com/tracking/omniture/ 208 KB
50 KB 150ms
106ms Script
application/javascript 185.85.15.31
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Requested by

Protocol

Security

TLS 1.3, , CHACHA20_POLY1305

Server

185.85.15.31 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

/ Kaspersky Labs, Kaspersky Labs

Resource Hash

2a0bee86cb7897007c66d44b3008c3f91ff9e1f9a289c97eeff0a0d19c6275a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: br
etag: "80f291d72cf2da1:0"
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400; persist=1
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript
last-modified: Mon, 19 Aug 2024 11:42:17 GMT
x-server: fr2/KLM6
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: max-age=3600
accept-ranges: bytes
content-length: 51027
x-xss-protection: 1; mode=block
x-powered-by: Kaspersky Labs, Kaspersky Labs
server

GET
H2 200 gtm.js Show response
sgtm.kaspersky.de/ 565 KB
162 KB 74ms
43ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-WZ7LJ3
Requested by: Host: www.kaspersky.com
URL: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: f18c733ec55ba474027d9cb1e2e0924aecc686c282150c68c0cf1015d93f3460

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
expires: Tue, 15 Oct 2024 23:56:34 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 15 Oct 2024 23:07:40 GMT

GET
H2 200 KasperskySansDisplay-Light.d665fd2d.woff2
www.kaspersky.com/siterenderer/_next/static/media/ 47 KB
48 KB 457ms
456ms Font
font/woff2 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/KasperskySansDisplay-Light.d665fd2d.woff2

Requested by

Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/css/common.328f728c5bdcd1bc358186e30ad1606d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

337549adc4ab6b4e1a831e5ec1f79400cacfce80151c195d77d566e4d1bdf8f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/siterenderer/_next/static/css/common.328f728c5bdcd1bc358186e30ad1606d.css

Response headers

x-request-id: baa06d5f8181f98afa8a7d3cabbbdc37
etag: W/"bd9c-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff2
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 48540
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 NotoKufiArabic-Regular.cfbca3c8.woff
www.kaspersky.com/siterenderer/_next/static/media/ 38 KB
38 KB 458ms
458ms Font
font/woff 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/NotoKufiArabic-Regular.cfbca3c8.woff

Requested by

Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/css/common.328f728c5bdcd1bc358186e30ad1606d.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

a5d930fb9951e4f30eaf140d04ab1cee09f4ca98485d1d0aa486c74a6b931b01

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/siterenderer/_next/static/css/common.328f728c5bdcd1bc358186e30ad1606d.css

Response headers

x-request-id: 8973cba2ab24b6496ccd85291e7fe508
etag: W/"96e4-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: font/woff
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
accept-ranges: bytes
content-length: 38628
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

GET
H2 200 id Show response
dpm.demdex.net/ 368 B
918 B 107ms
34ms XHR
application/json 18.203.183.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1729035696551

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.203.183.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-183-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

03d5bc1c200dae7b83e77ba62636979f971f30464916a2ea0b7f305f4f9d71dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v066-073f5f04e.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
access-control-allow-credentials: true
x-tid: e0VRzPLVQ2U=
expires: Thu, 01 Jan 1970 00:00:00 UTC
access-control-allow-origin: https://www.kaspersky.com
content-length: 311
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/json;charset=utf-8
vary: Origin

GET
H2 200 gtm.js Show response
sgtm.kaspersky.de/ 643 KB
190 KB 44ms
44ms Script
application/javascript 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015
Requested by: Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-WZ7LJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: fdc3aaf28a5f2a1b804039c6a2ea2c3a934ee7a2af47963f45caf826484b4b02

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: private, max-age=900
content-encoding: gzip
via: 1.1 google
expires: Tue, 15 Oct 2024 23:55:43 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 15 Oct 2024 23:07:40 GMT

GET
H2 200 dest5.html
kaspersky.demdex.net/ Frame 0E10 0
0 113ms
34ms Document
text/html 34.248.127.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://kaspersky.demdex.net/dest5.html?d_nsid=0

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.248.127.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-127-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Tue, 15 Oct 2024 23:41:36 GMT
dcs: dcs-prod-irl1-1-v066-06a7acc1a.edge-irl1.demdex.com 0 ms
expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 10 Oct 2024 08:50:35 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains
vary: accept-encoding
x-tid: 1OiB7enoSto=

GET
H2 200 id Show response
otr.kaspersky.com/ 48 B
463 B 75ms
20ms XHR
application/x-javascript 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://otr.kaspersky.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=69506809475763339353365157522277527577&ts=1729035696683

Requested by

Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

2c6c4f0245d6399bc35650be4281b3fea4e65fb646ecc7b9b945cb31f6795aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-origin: https://www.kaspersky.com
p3p: CP="This is not a P3P policy"
content-length: 48
date: Tue, 15 Oct 2024 23:41:36 GMT
x-xss-protection: 1; mode=block
content-type: application/x-javascript;charset=utf-8
vary: Origin
server: jag

GET
H2

200

ibs:dpid=411&dpuuid=Zw79sAAAAEaTnwOV
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=79396029470024192532371590788186398275
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zw79sAAAAEaTnwOV

42 B
717 B

34ms
34ms

Image
image/gif

18.203.183.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zw79sAAAAEaTnwOV

Requested by

Protocol

Server

18.203.183.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-183-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs: dcs-prod-irl1-2-v066-0744a526d.edge-irl1.demdex.com 2 ms
content-encoding: gzip
pragma: no-cache
x-content-type-options: nosniff
x-tid: 8TdyZq8ASH4=
expires: Thu, 01 Jan 1970 00:00:00 UTC
content-length: 59
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: image/gif

Redirect headers

Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Zw79sAAAAEaTnwOV
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Content-Length: 0
Date: Tue, 15 Oct 2024 23:41:36 GMT
Connection: keep-alive
Server: AMO-cookiemap/1.1

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 325 KB
109 KB 52ms
32ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-NSVBRC7S52&l=dataLayer&cx=c&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015

Requested by

Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5c54cc8e69105dc466ad9aee124d9c497b0e11711ad4eb662ac941926a28bf06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Tue, 15 Oct 2024 23:41:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 110610
x-xss-protection: 0
server: Google Tag Manager

POST
H2 200 send
api-router.kaspersky-labs.com/pulse/rum/ 0
0 234ms
80ms Ping
application/json 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL: https://api-router.kaspersky-labs.com/pulse/rum/send
Requested by: Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/_app-f1fccf9029a50980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

POST
H2 200 send
api-router.kaspersky-labs.com/pulse/rum/ 0
0 332ms
177ms Ping
application/json 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL: https://api-router.kaspersky-labs.com/pulse/rum/send
Requested by: Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/_app-f1fccf9029a50980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

GET
H2 200 white.c07a2a9b.svg
www.kaspersky.com/siterenderer/_next/static/media/ 246 B
691 B 8ms
8ms Image
image/svg+xml 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kaspersky.com/siterenderer/_next/static/media/white.c07a2a9b.svg

Requested by

Host: www.kaspersky.com
URL: https://www.kaspersky.com/api/siterenderer/css/6738d212a9f22d77971eed8fbb3255c7.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

8c4e1c4dcc2455b5c1165341e5fe88567639ccd343539e73f13b0d97f50290d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/api/siterenderer/css/6738d212a9f22d77971eed8fbb3255c7.css

Response headers

x-request-id: a7e5d262e22425b9b12f673edc98aa4e
content-encoding: gzip
etag: W/"f6-19271a76db8"
x-content-type-options: nosniff
expires: Tue, 29 Oct 2024 23:41:36 GMT
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: image/svg+xml
vary: Accept-Encoding, Accept-Encoding
last-modified: Wed, 09 Oct 2024 14:20:51 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' https://shop.kaspersky.co.uk https://shop.kaspersky.ca;
cache-control: max-age=1209600
referrer-policy: no-referrer-when-downgrade
x-xss-protection: 1; mode=block
x-proxy: fra2
x-cached: HIT
server: Angie

POST
H2 200 /
api-router.kaspersky-labs.com/logger2/metrics/ 0
0 234ms
96ms Ping
text/plain 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL: https://api-router.kaspersky-labs.com/logger2/metrics/
Requested by: Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/_app-f1fccf9029a50980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 208 KB
72 KB 203ms
98ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
content-encoding: br
etag: "6707cb5e-11cda"
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires: Wed, 16 Oct 2024 00:41:37 GMT
access-control-allow-origin: *
content-length: 72922
date: Tue, 15 Oct 2024 23:41:37 GMT
last-modified: Thu, 10 Oct 2024 12:41:02 GMT
content-type: application/javascript

GET
H2 200 web-vitals.attribution.iife.js Show response
unpkg.com/web-vitals@3.0.0/dist/ 10 KB
4 KB 45ms
17ms Script
application/javascript 2606:4700::6811:f8cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.0.0/dist/web-vitals.attribution.iife.js

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "2647-N1l5oKJqaDLvxL3cO+UxlArzaXc"
age: 1014897
x-content-type-options: nosniff
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J9B11RV52P4AM3JK1Z85FV0A-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8d33a9328d89bbb5-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/kaspersky/americas/p/ 2 KB
888 B 47ms
20ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/kaspersky/americas/p/detector-dom.min.js
Requested by: Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f622a0af5e2151febb626730108cc195956e043f09d15236ac1c29e6836bc1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6524e09f037820b70a918bb1f3bd2693"
x-amz-version-id: OzjfPo7cZJJFjTtBzZWBa406Km1qjALT
age: 5482
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: cDilma54DQm69J5M7JAcAH2uVodK8J2jaV3NWOgMSwVVGPDPv_OB8Q==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Mon, 15 Jan 2024 12:58:48 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
via: 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront)
cf-ray: 8d33a9329e684da2-FRA
x-amz-cf-pop: FRA56-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 detector-dom.min.js Show response
cdn.gbqofs.com/kaspersky/p/ 2 KB
1 KB 42ms
15ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/kaspersky/p/detector-dom.min.js
Requested by: Host: t.co
URL: https://t.co/rXfiP4pqka
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13e67b32514a6f5a06e4d52d9b2349a003a3c6ff8f0b7fbb1c6f1373bbd79f5a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"7ce93e56d4bf315976bcc54e8d33cc3e"
x-amz-version-id: bO05_KWvxjWLXW0gv1hrmjpHls5uEfmx
age: 6095
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: LglLZoADS7lkrjY3yNhsQ00A923VmNXoeMLSBJ-lh7idzH5lsLnpgw==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Mon, 15 Jan 2024 12:58:49 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
via: 1.1 3fef473b9069c3a6b17fb47d4e1f2460.cloudfront.net (CloudFront)
cf-ray: 8d33a9329e674da2-FRA
x-amz-cf-pop: ARN53-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 40 KB
14 KB 49ms
13ms Script
application/javascript 2a02:26f0:3500:10::210:a9a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:10::210:a9a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: max-age=35069
content-encoding: gzip
x-cdn: AKAM
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 14628
date: Tue, 15 Oct 2024 23:41:37 GMT
last-modified: Thu, 22 Aug 2024 10:43:55 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
x-amz-server-side-encryption: AES256

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 42 KB
13 KB 34ms
6ms Script
application/javascript 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: public, max-age=60
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
etag: "5e9ac3a42b557bf8ca38cf2e8baba70b"
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 12126
date: Tue, 15 Oct 2024 23:41:37 GMT
last-modified: Tue, 15 Oct 2024 19:34:59 GMT
content-type: application/javascript
vary: Accept-Encoding,Origin
server: snooserv
x-amz-server-side-encryption: AES256

GET
H2 200 bat.js Show response
bat.bing.com/ 50 KB
15 KB 62ms
31ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
content-encoding: gzip
etag: "01973e1111cdb1:0"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B9D8B83D2FE64581B3DFD29F22FB678A Ref B: FRAEDGE1208 Ref C: 2024-10-15T23:41:37Z
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 14538
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript
last-modified: Fri, 11 Oct 2024 19:15:06 GMT
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 225 KB
81 KB 24ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-12346775

Requested by

Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-T45JW6B&l=dataLayer&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b25055093b55b69719e398dd7b011c21a096496c195abf670238ce8ac8e5e4c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 15 Oct 2024 23:41:37 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Tue, 15 Oct 2024 23:07:40 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 82411
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 / Show response
track.omguk.com/e/qs/ 1 KB
1 KB 125ms
50ms Script
text/javascript 52.209.37.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://track.omguk.com/e/qs/?action=Content&MID=2325304&PID=53195&ref=https%3A//www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.209.37.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6e20c63fdbef629360cfcdbfba401fdaac790109bbf22cd7cb989e6b5e435167

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
content-encoding: br
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 1; mode=block
content-type: text/javascript
vary: accept-encoding

GET
H2 200 ktag.js Show response
resources.xg4ken.com/js/v2/ 11 KB
4 KB 112ms
32ms Script
application/javascript 52.50.176.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT-N3AA7-3EE

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.176.83 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-176-83.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

cc801ce0c56b23a865f8db45353f3d6b22b4a29c3728cf05d4634e181cbed937

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: max-age=86400, public
content-encoding: gzip
etag: "66f160c2-f32"
expires: Wed, 16 Oct 2024 23:41:37 GMT
content-length: 3890
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 1; mode=block
content-type: application/javascript
last-modified: Mon, 23 Sep 2024 12:36:18 GMT
server: nginx

GET undefined.js
www.dwin1.com/ 0
0

GET
H2 200 tune.js Show response
js.go2sdk.com/v2/ 4 KB
4 KB 31ms
6ms Script
application/javascript 18.66.102.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.go2sdk.com/v2/tune.js
Requested by: Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-WZ7LJ3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.102.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-102-43.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-amz-version-id: null
etag: "3301ce2b9ef7fa3f72c5ae2b296d4ceb"
age: 71365
via: 1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 4142
x-amz-cf-id: xXAtPAXMfmxJ-mngZTCSEWMsx9IJC4PIMQs9BKMCrJqMYPv1EvYC-Q==
date: Tue, 15 Oct 2024 03:52:13 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 18:55:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 17ms
8ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: t.co
URL: https://t.co/rXfiP4pqka

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=23, mss=1232, tbw=4441, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: DKTOvWyLXI5NkppZsCkI4Sw9qd0B0tsHgr2FRkEY+3rbyKsk1EBemHaNlbNmtxFBfOqKMyI+79nnsogr1pMCLw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 nqQ1Xn.js Show response
s.retargeted.co/1/ 674 B
1012 B 679ms
425ms Script
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.retargeted.co/1/nqQ1Xn.js
Requested by: Host: sgtm.kaspersky.de
URL: https://sgtm.kaspersky.de/gtm.js?id=GTM-WZ7LJ3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca067230ff69d55901256919ecdb5e27f1ff5f3def39fb900ab4134359599c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

surrogate-control: no-store
content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"2a2-cTvrq6PLeltFAd/TQCjoIpd3qZA"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gc9gcoc%2FLwP3ThRRSD1CamU0%2FqCiSdee7%2FUiTjRotok%2Brkk6zCRmqI5V32LwqOF68GLIP9oLbjZ2YYcS8ljFf0eKZoROw1bb1iN0OGMy1r8ADqyD2GpMM7OohJgKz%2BWn4HY%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain; charset=utf-8
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d33a934f8928942-SIN
access-control-allow-origin: *
server: cloudflare

POST
H2 200 send
api-router.kaspersky-labs.com/pulse/rum/ 0
0 99ms
99ms Ping
application/json 77.74.178.40
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL: https://api-router.kaspersky-labs.com/pulse/rum/send
Requested by: Host: www.kaspersky.com
URL: https://www.kaspersky.com/siterenderer/_next/static/chunks/pages/_app-f1fccf9029a50980.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 77.74.178.40 , Russian Federation, ASN200107 (KL-EXT, CH),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

GET
H2 200 collect Show response
sgtm.kaspersky.com/g/ 2 KB
1 KB 94ms
62ms XHR
text/plain 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://sgtm.kaspersky.com/g/collect?v=2&tid=G-NSVBRC7S52&gtm=45je4ae0v879891882z871206015za200zb836855486&_p=1729035696376&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101686685&cid=1159739259.1729035697&ecid=565544234&ul=de-de&sr=1600x1200&_fplc=0&ur=DE-HE&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&sst.etld=google.de&sst.gcsub=region1&sst.tft=1729035696376&sst.ude=0&_s=1&dl=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&sid=1729035697&sct=1&seg=0&dr=https%3A%2F%2Ft.co%2F&dt=Kaspersky%20uncovers%20PipeMagic%20backdoor%20attacks%20businesses%20through%20fake%20ChatGPT%20application&en=page_view&_fv=1&_nsi=1&_ss=1&_c=1&ep.dateStringISO=2024-10-15T23%3A41%3A37.005Z&ep.event_id=1729035696376.32&tfd=1561&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-NSVBRC7S52&l=dataLayer&cx=c&sign=0a15c2cd4c8be874f4cd3265e323babf62ef560f0a4cb4c10c0c12acfcc0b352_20241015

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e73149c1f23d4365400de58d3cdaffa1798e03e4621afab281f598da66120b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://www.kaspersky.com
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain
vary: Accept-Encoding

GET
H2 200 favicon.ico
www.kaspersky.com/ 1 KB
551 B 7ms
7ms Other
image/x-icon 185.85.15.47
KL-EXT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kaspersky.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.85.15.47 , Germany, ASN200107 (KL-EXT, CH),

Reverse DNS

Software

Angie /

Resource Hash

ebefb9fcffacc72b520e93be5a0d928e635a9767819fd451fe8291f2dce092ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-server: -
x-request-id: 09ce8dcea63fa1d855ab06f769a021e7
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
content-encoding: gzip
etag: W/"670ce81e-47e"
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 23:41:37 GMT
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/x-icon
last-modified: Mon, 14 Oct 2024 09:45:02 GMT
server: Angie
x-proxy: fra2
vary: Accept-Encoding

GET
H2 200 config.js Show response
cdn.gbqofs.com/kaspersky/p/ 4 KB
1 KB 15ms
14ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/kaspersky/p/config.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/kaspersky/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 68094d9d26831b5a6e71c5c2d21bfce61cb9f643e4a2ef8dbc3f71ca3250a302

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"42d2094837037da13fc08a8c2944ae0e"
x-amz-version-id: S0a64o4r3rJj.cDIGN7laTZrJgeS6TGj
age: 1881
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: etreGVvlO4YakqT98BUvlSwchtlmwUVXI5-jH6j1tbyYPaux6JW_Vw==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 10:37:37 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
via: 1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
cf-ray: 8d33a932be7d4da2-FRA
x-amz-cf-pop: FRA56-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 config Show response
pixel-config.reddit.com/pixels/t2_snpe1bff/ 3 B
124 B 31ms
7ms XHR
application/json 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-config.reddit.com/pixels/t2_snpe1bff/config
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: max-age=14400
content-encoding: gzip
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/json

GET
H2 200 t2_snpe1bff_telemetry Show response
www.redditstatic.com/ads/conversions-config/v1/pixel/config/ 86 B
699 B 28ms
14ms XHR
application/json 2a04:4e42:200::396
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/conversions-config/v1/pixel/config/t2_snpe1bff_telemetry
Requested by: Host: www.redditstatic.com
URL: https://www.redditstatic.com/ads/pixel.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: max-age=300
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-encoding: gzip
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 97
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/json
vary: Accept-Encoding,Origin
server: snooserv

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
637 B 23ms
7ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1729035697073&id=t2_snpe1bff&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=abda5641b9b047069127fc658b0dbf34bd3bb0fe6d329e6b4c351e1f9bd12f04&uuid=1c397feb-3789-49cd-b24a-e646a881b132&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_49267bce&dpm=&dpcc=&dprc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
retry-after: 0
cross-origin-resource-policy: cross-origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
via: 1.1 varnish
accept-ranges: bytes
content-length: 42
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/gif
server: Varnish

GET
H2 200 config.js Show response
cdn.gbqofs.com/kaspersky/americas/p/ 2 KB
1 KB 16ms
16ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/kaspersky/americas/p/config.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/kaspersky/americas/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2e412bb9397374af8c5114e9dc36eabd38097299b40c01996a8f3552a32378f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: cSFT8abysAOhqj99RTHqbXSnv3UjFQBV
etag: W/"e14700caddb74aa3dab9f35b77e5a662"
age: 3201
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Miss from cloudfront
x-amz-cf-id: Q5r4t746b6j1f8F31-8gSsfGltUM2AKmjcRMKMIiDPleNAIrQ5kbvg==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Wed, 11 Sep 2024 10:37:37 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
via: 1.1 944dc31277adc1021b0776fe818f07f6.cloudfront.net (CloudFront)
cf-ray: 8d33a932ce834da2-FRA
x-amz-cf-pop: FRA56-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2

200

activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releas...
12346775.fls.doubleclick.net/ Frame 72C1
Redirect Chain

https://12346775.fls.doubleclick.net/activityi;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-rel...
https://12346775.fls.doubleclick.net/activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kas...

0
0

20ms
19ms

Document
text/html

142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://12346775.fls.doubleclick.net/activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-12346775

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 843
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 23:41:37 GMT
expires: Tue, 15 Oct 2024 23:41:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 15 Oct 2024 23:41:37 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://12346775.fls.doubleclick.net/activityi;dc_pre=CMTrofTHkYkDFZGJgwcdLvc3cg;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activity;register_conversion=1;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersk...
ad.doubleclick.net/ 0
23 B 205ms
191ms Image
image/png 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/activity;register_conversion=1;src=12346775;type=globalc;cat=globa0;ord=1420288299566;npa=1;auiddc=1813494888.1729035697;u1=B2C;u2=en_IE;u4=www.kaspersky.com;u5=%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;u6=;u7=69506809475763339353365157522277527577-GA1.1.1159739259.1729035697;u9=_about_press-releases_kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application;ps=1;pcor=1848578342;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;pscdl=noapi;frm=0;gtm=45fe4ae0v9181803792za200;gcd=13l3lPl2l1l1;dma_cps=syphamo;dma=1;tag_exp=101686685~101823848;epver=2;~oref=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 0
date: Tue, 15 Oct 2024 23:41:37 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"2824933398063368401"}],"aggregatable_trigger_data":[{"filters":[{"14":["13165872"]}],"key_piece":"0xd4b4aa43e18dbef","source_keys":["12","13","14","15","16","17","18","19","20","21","24068220","24068221","24068222","24068223","628625456","628625457","628625458","628625459","628641048","628641049","628641050","628641051","628697792","628697793","628697794","628697795","638517668","638517669","638517670","638517671"]},{"key_piece":"0xf78217cad90dba5d","not_filters":{"14":["13165872"]},"source_keys":["12","13","14","15","16","17","18","19","20","21","24068220","24068221","24068222","24068223","628625456","628625457","628625458","628625459","628641048","628641049","628641050","628641051","628697792","628697793","628697794","628697795","638517668","638517669","638517670","638517671"]}],"aggregatable_values":{"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"24068220":34,"24068221":34,"24068222":34,"24068223":3345,"628625456":32,"628625457":32,"628625458":32,"628625459":3177,"628641048":32,"628641049":32,"628641050":32,"628641051":3177,"628697792":32,"628697793":32,"628697794":32,"628697795":3177,"638517668":32,"638517669":32,"638517670":32,"638517671":3177},"aggregation_coordinator_origin":"https://publickeyservice.msmt.aws.privacysandboxservices.com","debug_key":"16110497172941487816","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"2824933398063368401","filters":[{"14":["13165872"],"source_type":["event"]}],"priority":"10","trigger_data":"1"},{"deduplication_key":"2824933398063368401","filters":[{"14":["13165872"],"source_type":["navigation"]}],"priority":"10","trigger_data":"6"},{"deduplication_key":"2824933398063368401","filters":[{"source_type":["event"]}],"priority":"0","trigger_data":"0"},{"deduplication_key":"2824933398063368401","filters":[{"source_type":["navigation"]}],"priority":"0","trigger_data":"7"}],"filters":{"8":["12346775"]}}
content-type: image/png
x-xss-protection: 0
server: cafe

GET
H2 200 detector-bootstrap.min.js Show response
cdn.gbqofs.com/sv/b/ 541 KB
160 KB 32ms
17ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/kaspersky/americas/p/detector-dom.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4655b3fa8bb88882cc56fa77c0b23f998151b8d5b5d9f210c5f97a4d34985744

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.kaspersky.com
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
x-amz-version-id: XK1HQ8.ysI2yvQ.PrPhHh3f6N5qfD62w
etag: W/"30831e66b889e4488be8afd3cae0ab24"
age: 2887
access-control-allow-methods: PUT, HEAD, GET
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: WA-OB5ccFf1FiGsz2kyFaALJYOb8kj_p6EuJQgtbpwIsziKBHD2-ug==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Sun, 29 Sep 2024 15:44:04 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Headers
cache-control: public, max-age=14400
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
cf-ray: 8d33a9332d8d1c30-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 attribution_trigger Show response
px.ads.linkedin.com/ 2 B
813 B 207ms
186ms XHR
application/json 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/attribution_trigger?pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-li-pop: afd-prod-lor1-x
content-encoding: gzip
x-fs-uuid: 0006248c7e898caff7b224476a77cbd9
x-msedge-ref: Ref A: 668D06A73B904DA79708FB200777421D Ref B: FRAEDGE1121 Ref C: 2024-10-15T23:41:37Z
x-li-fabric: prod-lor1
x-restli-protocol-version: 1.0.0
access-control-allow-methods: GET, OPTIONS
x-li-uuid: AAYkjH6JjK/3siRHanfL2Q==
x-li-proto: http/2
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/json
access-control-allow-headers: *

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-t...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-...

0
265 B

130ms
107ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&e_ipv6=AQIOf157093LKQAAAZKSjvyq99tkCqFgn8f-HXSxpPiM18DKJdh6o9D2R7gM6IGuNg8ouuo
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A7FE597F6F224C15B4257D7C2ED2B03C Ref B: FRAEDGE1207 Ref C: 2024-10-15T23:41:37Z
x-li-fabric: prod-lva1
x-li-uuid: AAYkjH6Ndu9hKZ6/U1QXig==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript

Redirect headers

linkedin-action: 1
x-li-pop: afd-prod-ltx1-x
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=39138&time=1729035697121&url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&e_ipv6=AQIOf157093LKQAAAZKSjvyq99tkCqFgn8f-HXSxpPiM18DKJdh6o9D2R7gM6IGuNg8ouuo
x-msedge-ref: Ref A: DF981EE41E5347A4A8F0055240DC32A1 Ref B: FRAEDGE1514 Ref C: 2024-10-15T23:41:37Z
x-li-fabric: prod-lva1
x-li-uuid: AAYkjH6JWU7px4+qF2YQiQ==
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-source-fabric: prod-ltx1
date: Tue, 15 Oct 2024 23:41:36 GMT

GET
H2 200 5039146.js Show response
bat.bing.com/p/action/ 4 KB
2 KB 34ms
34ms Script
application/javascript 2620:1ec:33::10
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5039146.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:1ec:33::10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a88a06b68c90f3bc772ab2990bf27ce1f2796c09f5ac2a46e40dccc5d4ee7e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=60
content-encoding: br
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2159BCDBF39B496ABD4B5D1F99CAED32 Ref B: FRAEDGE1208 Ref C: 2024-10-15T23:41:37Z
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 23:41:36 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding

GET
H3 200 839281392784015 Show response
connect.facebook.net/signals/config/ 77 KB
15 KB 100ms
99ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/839281392784015?v=2.9.171&r=stable&domain=www.kaspersky.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

d10c7d53b09492756c067f494718810aba6a3e1a42a792fc0953526873650b14

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=74, mss=1232, tbw=67511, tp=64, tpl=0, uplat=92, ullat=0
pragma: public
x-fb-debug: v86RwhErGj6pHLnRzTscHuF9IevpcqmDlow3c0ek4cJ4JZOyMDGThx7PlhEtvEtE+vB1cv8ZixPfBm3sY1u7ZA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 204 collect
region1.analytics.google.com/g/s/ 0
510 B 40ms
14ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.analytics.google.com/g/s/collect?dma=1&dma_cps=syphamo&npa=1&gcd=13l3lPl2l1l1&gtm=45j91e4ae1v879891882z871206015z9857145737za200zb836855486&tag_exp=101686685&_gsid=NSVBRC7S52kLu04_Cz2-Tl-Ce2oMUV_A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:194:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:194:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 33ms
17ms Image
image/gif 172.217.18.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&dma=1&dma_cps=syphamo&npa=1&gcd=13l3lPl2l1l1&tid=G-NSVBRC7S52&cid=1159739259.1729035697&gtm=45j91e4ae1v879891882z871206015z9857145737za200zb836855486&tag_exp=101686685&aip=1&z=1452842494

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

POST
H2 204 0
bat.bing.net/actionp/ 0
344 B 100ms
59ms Ping
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.net/actionp/0?ti=5039146&Ver=2&mid=a986c0ed-1237-4e5a-8b66-859932f10a2d&bo=1&evt=consent&src=enforced&cdb=AQAI&asc=D
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 42B77D1729394D7AA4281CAB537AB529 Ref B: FRAEDGE1722 Ref C: 2024-10-15T23:41:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 23:41:36 GMT

GET
H2 200 5039146 Show response
www.clarity.ms/tag/uet/ 918 B
1 KB 423ms
273ms Script
application/x-javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/5039146?insights=1
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/5039146.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 425236642edb45ee76cb7debe11cd8fa14fed0ad8dc1c3eb3677b90d8f637d46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:e97341f6-8fff-46a6-9229-fbbfe0892c78
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 918
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/x-javascript
x-azure-ref: 20241015T234137Z-17d475c956f5sfbwd8vg8nx9sn00000008v0000000010w16

GET
H2 204 0
bat.bing.net/action/ 0
118 B 101ms
58ms Image
text/plain 2620:1ec:c11::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.net/action/0?ti=5039146&Ver=2&mid=a986c0ed-1237-4e5a-8b66-859932f10a2d&bo=2&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Kaspersky%20uncovers%20PipeMagic%20backdoor%20attacks%20businesses%20through%20fake%20ChatGPT%20application&p=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&r=https%3A%2F%2Ft.co%2F&lt=1500&evt=pageLoad&sv=1&asc=D&cdb=AQAY&rn=351030
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 373749ABEDC042FBA68124AA4299606B Ref B: FRAEDGE1722 Ref C: 2024-10-15T23:41:37Z
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 23:41:36 GMT

GET
H2 200 detector-lazy.min.js Show response
cdn.gbqofs.com/sv/b/ 163 KB
47 KB 15ms
15ms Script
application/javascript 2606:4700::6812:1268
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.gbqofs.com/sv/b/detector-lazy.min.js
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1268 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df06d41193dbda411c560473016e45ebe8fc845de91c0cb034636e3a93b7ee1d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"cac3e1981c548af07941f56bcb110663"
x-amz-version-id: S7hYphlo9EQm9GKS3daiC3C05_FUItKL
age: 3982
expires: Wed, 16 Oct 2024 03:41:37 GMT
x-cache: Hit from cloudfront
x-amz-cf-id: GSoddCFsSZfGv2Bffa0F-cosnTetURtRM8ztn_duyWA6QVFNmXnk9Q==
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript
last-modified: Sun, 29 Sep 2024 15:44:04 GMT
vary: Accept-Encoding
cache-control: public, max-age=14400
via: 1.1 94328d2509009edc0657f5c786a93e42.cloudfront.net (CloudFront)
cf-ray: 8d33a933aeef4da2-FRA
x-amz-cf-pop: FRA56-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 cls_report Show response
c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef/ 397 B
691 B 137ms
37ms XHR
application/json 34.247.200.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef/cls_report?_cls_s=afff3208-c0af-4561-a1d3-411dc30559ce%3A0&_cls_v=9c37bc29-db7e-472c-b631-ad71772628ca&pv=2&f_cls_s=true
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.247.200.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-247-200-225.eu-west-1.compute.amazonaws.com
Software: Glassbox Cligate /
Resource Hash: 762b529c10934657f8b85c9efd8f31eeb264f0f88670caa033e3faa57b407149

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://www.kaspersky.com
content-length: 288
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/json
vary: origin
server: Glassbox Cligate

GET
H2 204 collect
stats.g.doubleclick.net/g/ 0
510 B 63ms
21ms Image
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&dma=1&dma_cps=syphamo&npa=1&gcd=13l3lPl2l1l1&tid=G-NSVBRC7S52&cid=1159739259.1729035697&gtm=45j91e4ae1v879891882z871206015z9857145737za200zb836855486&tag_exp=101686685&aip=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 _set_cookie
sgtm.kaspersky.com/ 48 B
48 B 32ms
31ms Image
image/gif 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sgtm.kaspersky.com/_set_cookie?val=qZeZ3CKFgIWtKgtrffHsLsbgzVDY5%2BPTEYhK%2B0VPE%2Fu1jUn%2BF%2FQ0TQH2RJ5KAYLFIDxSyDWAGrjlpQqxRM8q%2FuokcmAdyKhzmaiLjrforYvyBJOHkF92GBK%2BvhGDUXMNHKsiegmg8PjrIkb9ziLiAYncT7hK0bHuGsGHkHoVNnA0YGseshPcBcGkrsVOaU3DNWIslthdMu2heJg%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

via: 1.1 google
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/gif

GET
H2 204 register-conversion
region1.google-analytics.com/privacy-sandbox/ 0
263 B 27ms
26ms Image
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://region1.google-analytics.com/privacy-sandbox/register-conversion?_c=1&cid=1159739259.1729035697&dbk=13864391450329483701&dma=1&dma_cps=syphamo&en=page_view&gtm=45j91e4ae1v879891882z871206015z9857145737za200zb836855486&npa=1&tid=G-NSVBRC7S52&dl=https%3A%2F%2Fwww.kaspersky.com%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgnc:90:0"}],}
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgnc:90:0
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 /
track.omguk.com/e/qi/ 823 B
1 KB 41ms
41ms Image
image/gif 52.209.37.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.omguk.com/e/qi/?action=Content&mid=2325304&pid=53195&ref=https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.209.37.110 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-209-37-110.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0e9946930825f59fa538bd840a51c3fb376bc566cf6b50c070805f30ccff7e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-store, no-cache
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
etag: W/"337-1928f7f9888"
accept-ranges: bytes
access-control-allow-origin: *
p3p: CP="ALL CURa ADMa DEVa TAIa PSAa PSDa OUR BUS IND UNI COM NAV INT"
content-length: 823
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 1; mode=block
content-type: image/gif
last-modified: Tue, 15 Oct 2024 09:25:57 GMT
vary: accept-encoding

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 23ms
7ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1729035697283&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12318&fbp=fb.2.1729035697282.388947944538100285&cs_est=true&ler=other&cdl=API_unavailable&it=1729035697133&coo=false&eid=1729035696376.32&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=2930, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 177ms
164ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=839281392784015&ev=PageView&dl=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&rl=https%3A%2F%2Ft.co%2F&if=false&ts=1729035697283&sw=1600&sh=1200&v=2.9.171&r=stable&ec=0&o=12318&fbp=fb.2.1729035697282.388947944538100285&cs_est=true&ler=other&cdl=API_unavailable&it=1729035697133&coo=false&eid=1729035696376.32&rqm=FGET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7426151773945295891"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xb2631a0df4fe89a7","source_keys":["1"]}],"aggregatable_values":{"1":10922},"filters":{"3":["6614529185328696"]},"debug_reporting":true,"debug_key":"3677220406645937665"}
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: z43h6OGvOMYapfzwPcEie3BZQyKJ9ITsbocPbTolVRhXFGlzDMjzRKTwOTT/75YaDSw3+1EmLBQuEW7xm9OvPw==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7426151773945295891", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1368, tbw=3247, tp=-1, tpl=-1, uplat=156, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2

200

sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10523.2J644E6OKg2BePaj7kT7IDT1O_ngfC0HsesVR28MtvfQBatui5gP8MdigIqZL954.NE71ffjdPoDaCo2cEN3k-ChFw3o%2C
https://mc.yandex.com/sync_cookie_image_decide?token=10523.QEZRsVl7AjDeERgGQdliwoSmdeWxIQVHPRn7adiONKmv8_RdYEsf9dP378gP9KnlZkErw2oT0-leV9HEDzWU__d9wBCojdb22Fuz8bF5AuuFoC_jcIW77FUz7VGf6s8a7kyGZ8fdvH...
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10523.wF7WythnSs2eWLh7pLlXfNlwmfuhVQJpgWSTLasBW-x-ng1H49Awa5XIigmCVe5e8oalPzLxLfEy8n2OHakV8zVadZgNNw3px1-2Gda5r9Wti...

43 B
610 B

54ms
54ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10523.wF7WythnSs2eWLh7pLlXfNlwmfuhVQJpgWSTLasBW-x-ng1H49Awa5XIigmCVe5e8oalPzLxLfEy8n2OHakV8zVadZgNNw3px1-2Gda5r9WtiOd4hkFWowUWn3Dj7T050HOgHheqKkQh5fGsAXqHxMnzbzKIKMMZ25S0zbGYotowY39TrkMvv2wqHjd0vpGVuiAbhpMtfYiCR8QVHD04Mw%2C%2C.xAsdeQASABjDr6JxuP_QITH6w2M%2C

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=31536000
location: https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10523.wF7WythnSs2eWLh7pLlXfNlwmfuhVQJpgWSTLasBW-x-ng1H49Awa5XIigmCVe5e8oalPzLxLfEy8n2OHakV8zVadZgNNw3px1-2Gda5r9WtiOd4hkFWowUWn3Dj7T050HOgHheqKkQh5fGsAXqHxMnzbzKIKMMZ25S0zbGYotowY39TrkMvv2wqHjd0vpGVuiAbhpMtfYiCR8QVHD04Mw%2C%2C.xAsdeQASABjDr6JxuP_QITH6w2M%2C
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
572 B 51ms
51ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=3600
timing-allow-origin: *
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6707cb5e-2b"
expires: Wed, 16 Oct 2024 00:41:37 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: image/gif
last-modified: Thu, 10 Oct 2024 12:41:02 GMT

GET
H2 200 metrika_match.html
mc.yandex.com/metrika/ Frame D40D 0
0 149ms
60ms Document
text/html 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/metrika/metrika_match.html

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin: *
cache-control: max-age=3600
content-encoding: br
content-length: 1046
content-type: text/html
date: Tue, 15 Oct 2024 23:41:37 GMT
etag: "6707cb5e-416"
expires: Wed, 16 Oct 2024 00:41:37 GMT
last-modified: Thu, 10 Oct 2024 12:41:02 GMT
strict-transport-security: max-age=31536000
timing-allow-origin: *

POST
H2 200 s56037140328825 Show response
otr.kaspersky.com/b/ss/kaspersky-single-suite/1/JS-2.22.3/ 43 B
331 B 21ms
19ms XHR
image/gif 63.140.62.17
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://otr.kaspersky.com/b/ss/kaspersky-single-suite/1/JS-2.22.3/s56037140328825

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.62.17 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-63-140-62-17.data.adobedc.net

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

etag: 3713075886304296960-4618686450295342711
x-content-type-options: nosniff
expires: Mon, 14 Oct 2024 23:41:37 GMT
p3p: CP="This is not a P3P policy"
date: Tue, 15 Oct 2024 23:41:37 GMT
last-modified: Wed, 16 Oct 2024 23:41:37 GMT
vary: *
content-type: image/gif;charset=utf-8
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-origin: https://www.kaspersky.com
content-length: 43
x-xss-protection: 1; mode=block
server: jag

POST
H2 204 / Show response
px.ads.linkedin.com/wa/ 0
210 B 107ms
105ms XHR
text/plain 2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/wa/
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: *
Content-Type: text/plain;charset=UTF-8

Response headers

linkedin-action: 1
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 061EBA873B96434B8A17F77CE7CA68D7 Ref B: FRAEDGE1514 Ref C: 2024-10-15T23:41:37Z
x-li-fabric: prod-lva1
access-control-allow-credentials: true
x-li-uuid: AAYkjH6PHDy0sW82ZH5Rdg==
x-li-proto: http/2
access-control-allow-origin: https://www.kaspersky.com
x-cache: CONFIG_NOCACHE
date: Tue, 15 Oct 2024 23:41:36 GMT
vary: Origin

GET
H2 200 98380851 Show response
mc.yandex.com/watch/ 953 B
1 KB 55ms
55ms Fetch
application/json 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/98380851?wmode=7&page-url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&page-ref=https%3A%2F%2Ft.co%2F&nohit=1&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A0%3Als%3A768950955944%3Ahid%3A427819960%3Az%3A120%3Ai%3A20241016014137%3Aet%3A1729035697%3Ac%3A1%3Arn%3A328209453%3Au%3A1729035697466038471%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Aco%3A0%3Acpf%3A1%3Ans%3A1729035695498%3Agi%3AR0ExLjEuMTE1OTczOTI1OS4xNzI5MDM1Njk3%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729035698%3At%3AKaspersky%20uncovers%20PipeMagic%20backdoor%20attacks%20businesses%20through%20fake%20ChatGPT%20application&t=gdpr(14)clc(0-0-0)aw(1)rcm(1)cdl(na)eco(46727684)ti(1)

Requested by

Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

01981997134b2a7c273f83765781ead8c7d02abf53fcc65ff67ab9b94a955b17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000
x-yandex-ignore-cookies: yes
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
x-content-type-options: nosniff
expires: Tue, 15-Oct-2024 23:41:37 GMT
access-control-allow-origin: https://www.kaspersky.com
content-length: 953
date: Tue, 15 Oct 2024 23:41:37 GMT
x-xss-protection: 1; mode=block
last-modified: Tue, 15-Oct-2024 23:41:37 GMT
content-type: application/json; charset=utf-8

POST
H2 200 98380851
mc.yandex.com/watch/ 43 B
78 B 54ms
53ms Ping
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/98380851?page-url=https%3A%2F%2Fwww.kaspersky.com%2Fabout%2Fpress-releases%2Fkaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application%3Futm_source%3Dlinkedin%26utm_medium%3Dsocial%26utm_campaign%3Dgl_PipeMagic_js0180%26utm_content%3Dlink%26utm_term%3Dgl_linkedin_organic_kwps180wrlq9axc%26kaspr%3Dwaa1&page-ref=https%3A%2F%2Ft.co%2F&charset=utf-8&uah=chm%0A%3F0&hittoken=1729035697_32e153b16c3483134a82edd3c2990d8f4e58c659e0cf36366dfc241013fa0e62&browser-info=pv%3A1%3Aar%3A1%3Avf%3A1f7b5m6qwdrmpv8tqq4z7n9f657%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ade-DE%3Av%3A1480%3Acn%3A1%3Adp%3A1%3Als%3A768950955944%3Ahid%3A427819960%3Az%3A120%3Ai%3A20241016014137%3Aet%3A1729035698%3Ac%3A1%3Arn%3A786507033%3Arqn%3A1%3Au%3A1729035697466038471%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A1020%3Awv%3A2%3Ads%3A16%2C17%2C377%2C96%2C342%2C0%2C%2C37%2C0%2C1499%2C1500%2C0%2C1474%3Aco%3A0%3Acpf%3A1%3Ans%3A1729035695498%3Agi%3AR0ExLjEuMTE1OTczOTI1OS4xNzI5MDM1Njk3%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1729035698%3At%3AKaspersky%20uncovers%20PipeMagic%20backdoor%20attacks%20businesses%20through%20fake%20ChatGPT%20application&t=gdpr(14)mc(h-1)clc(0-0-0)rqnt(1)lt(16000)aw(1)rcm(1)ecs(0)cdl(na)eco(46727684)ti(0)&force-urlencoded=1

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

strict-transport-security: max-age=31536000
x-yandex-ignore-cookies: yes
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma: no-cache
access-control-allow-credentials: true
expires: Tue, 15-Oct-2024 23:41:37 GMT
access-control-allow-origin: https://www.kaspersky.com
content-length: 43
x-xss-protection: 1; mode=block
date: Tue, 15 Oct 2024 23:41:37 GMT
last-modified: Tue, 15-Oct-2024 23:41:37 GMT
content-type: image/gif

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.48/ 64 KB
27 KB 48ms
48ms Script
application/javascript 2620:1ec:bdf::64
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.48/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/5039146?insights=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::64 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

x-azure-ref: 20241015T234137Z-17d475c956f5sfbwd8vg8nx9sn00000008v0000000010w1x
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DCE961488285A1"
x-fd-int-roxy-purgeid: 51562430
x-ms-request-id: c05fb4bd-e01e-003c-02b5-1b071c000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Tue, 15 Oct 2024 23:41:37 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Thu, 10 Oct 2024 19:25:21 GMT

GET 161dfad9-d23d-4eef-beb4-bfe5f8936861
https://www.kaspersky.com/ Frame 0
0

POST
H/1.1 204
No Content collect Show response
b.clarity.ms/ 0
281 B 350ms
140ms XHR
text/plain 4.153.129.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://b.clarity.ms/collect
Requested by: Host: cdn.gbqofs.com
URL: https://cdn.gbqofs.com/sv/b/detector-bootstrap.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.153.129.168 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

Request-Context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin: https://www.kaspersky.com
Date: Tue, 15 Oct 2024 23:41:38 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H3 200 nqQ1Xn.js Show response
s.retargeted.co/2/ 81 KB
31 KB 417ms
417ms Script
text/plain 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.retargeted.co/2/nqQ1Xn.js
Requested by: Host: s.retargeted.co
URL: https://s.retargeted.co/1/nqQ1Xn.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b07dbb2ece7db359d5ba702f1e46fdc12fbaf42a1289a0eb8bf604dfcb60719f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.kaspersky.com/about/press-releases/kaspersky-uncovers-pipemagic-backdoor-attacks-businesses-through-fake-chatgpt-application?utm_source=linkedin&utm_medium=social&utm_campaign=gl_PipeMagic_js0180&utm_content=link&utm_term=gl_linkedin_organic_kwps180wrlq9axc&kaspr=waa1

Response headers

surrogate-control: no-store
content-encoding: zstd
cf-cache-status: BYPASS
etag: W/"1443a-PNSmdcMr0k4YzdllHww3IHWSLxo"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8ZmEFME9wtRzKt%2B9YW39Nxti3s6bp1ukXzSAFp87LOaVuGGEcx7jql8StqYcp1KvcgNj514EP2kXquEquQ0ix4tgSUaoN7%2FeYMYt%2FYS%2Fec%2Faa7U1%2B2HU47SATHUc2N8Taus%3D"}],"group":"cf-nel","max_age":604800}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Tue, 15 Oct 2024 23:41:38 GMT
content-type: text/plain; charset=utf-8
content-disposition: inline
vary: Accept-Encoding
priority: u=3,i=?0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8d33a937aa148942-SIN
access-control-allow-origin: *
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dwin1.com
URL: https://www.dwin1.com/undefined.js

Domain: www.kaspersky.com
URL: blob:https://www.kaspersky.com/161dfad9-d23d-4eef-beb4-bfe5f8936861

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef	1969-12-31 23:59:59	Name: _cls_cfgver Value: 0
c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef	1969-12-31 23:59:59	Name: _cls_s Value: afff3208-c0af-4561-a1d3-411dc30559ce:0
c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef	1969-12-31 23:59:59	Name: _cls_v Value: 9c37bc29-db7e-472c-b631-ad71772628ca
c1001.report.gbss.io/e520hww/reporting/f88e6181-0004-908a-a798-98cfecfde1ef	1969-12-31 23:59:59	Name: rto Value: c0
.t.co/	1970-01-21 09:47:30	Name: muc Value: 7a736ca2-56f9-4da6-97e1-d27a1949285b
.t.co/	1970-01-21 00:17:17	Name: __cf_bm Value: fWyRx1csCBg_mQ2VhtARfUUbmzDfla3M8jJ5BPm0pAc-1729035695-1.0.1.1-LvzPsrZ6dAl5wolSBa15hoee5hLCSneHWfvlJzouJwku.XKJsUt0aX06oITa_MPohBlw51TG89tLQGJx.K2u5Q
kas.pr/	1970-01-21 00:17:16	Name: XSRF-TOKEN Value: eyJpdiI6Im1mZFdWYUFoT0lIYlBBRjFJS2cvWkE9PSIsInZhbHVlIjoiQVRKZ2NYVGdCVHVBWUo5blIxNkdSKzREc0R5ZUZBdEFCK3Z1V0RvYnd3NXVPWVFwb2xzcHdxNjFHMEtsL3FVWUx2dXh5Z0VBbFVEV2QrbTVtT3FhOTk1OExuNGRod21MT0lEd3c2NUJONUVMZ21JOTdiR255azV2NmtRby9HKzciLCJtYWMiOiIwM2NkYmQ3YzdkZTliZjNmYzZjMmFkYjc1MDA1NjJjYmMxZDE5MzE2ZmYyZTU4NjExMmVlZGI4NTgzYjJlMDY2IiwidGFnIjoiIn0%3D
kas.pr/	1970-01-21 00:17:16	Name: laravel_session Value: eyJpdiI6ImVDeTQ2MTBmTXdtejlFZlBkK2pvSlE9PSIsInZhbHVlIjoiTTAyZjNtS01QL1MrWTc0NjNmdlB1VzNnTmx3bjJUVzliUGJPTFNUTHVRSnlnMkRHWCsrc0cwbVVMYkRrMlNmUU8wakdBaUdiOFg0d1QzTjhDUXJEMFkrTUVaRSszL0l6T2JwaGQ2Ujc2SHFIRmk1QjFGTDdUcVRHNEJJMHVkMmgiLCJtYWMiOiI0YzE4ZmJlMjZmYzE1N2MzNjRiOGRjZjVjNWUzOWI3MDk5NjBkODhhOTYwZmU0NzVlMjAzZmFhYTc1Njk2MmRmIiwidGFnIjoiIn0%3D
.kas.pr/	1969-12-31 23:59:59	Name: ClientRouteKasPr Value: bbb8f9cb7534d56a6a49bfb3ea7916aad1ddcb4d38d323a0dcdbf12d1ca0c05b
www.kaspersky.com/	1969-12-31 23:59:59	Name: webserver_id Value: 7090d509a01883900b145f8168e6ad09
www.kaspersky.com/	1970-01-21 00:17:19	Name: country Value: DE
content.kaspersky-labs.com/	1970-01-21 00:17:19	Name: country Value: DE
.demdex.net/	1970-01-21 04:36:27	Name: demdex Value: 79396029470024192532371590788186398275
.kaspersky.com/	1969-12-31 23:59:59	Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg Value: 1
.kaspersky.com/	1970-01-21 09:53:15	Name: s_ecid Value: MCMID%7C69506809475763339353365157522277527577
.dpm.demdex.net/	1970-01-21 04:36:27	Name: dpm Value: 79396029470024192532371590788186398275
.kaspersky.com/	1970-01-21 09:53:15	Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg Value: 1585540135%7CMCIDTS%7C20012%7CMCMID%7C69506809475763339353365157522277527577%7CMCAAMLH-1729640496%7C6%7CMCAAMB-1729640496%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1729042896s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-20019%7CvVersion%7C4.4.0
www.kaspersky.com/	1970-01-21 09:53:15	Name: CookieConsent Value: {stamp:218386897=='\|Cnecessary:true\|Cpreferences:true\|Cstatistics:true\|Cmarketing:true\|Cver:1\|Cutc:188865843\|Cregion:'not_gdpr'}
.kaspersky.com/	1970-01-21 01:00:27	Name: AwinChannelCookie Value: other
.kaspersky.com/	1970-01-21 09:53:15	Name: _ga_NSVBRC7S52 Value: GS1.1.1729035697.1.0.1729035697.0.0.565544234
.kaspersky.com/	1970-01-21 09:53:15	Name: _ga Value: GA1.1.1159739259.1729035697
.kaspersky.com/	1970-01-21 02:26:51	Name: _rdt_uuid Value: 1729035697071.1c397feb-3789-49cd-b24a-e646a881b132
.kaspersky.com/	1970-01-21 02:26:51	Name: _gcl_au Value: 1.1.1813494888.1729035697
.kaspersky.com/	1970-01-21 09:53:15	Name: FPID Value: FPID2.2.5yUhGkxy88vIyGHBG8tZhurZlZbqPyK9QquBDWuiH8g%3D.1729035697
.kaspersky.com/	1970-01-21 00:18:27	Name: FPLC Value: WxUn0RtX8sJ278aKsjl4KAfvGn1DsicH9x2QMRvY3%2BqTE6If2yRjHE%2Fn4bAl4j%2F8uXl0TinSw0hDAQC9ewkokh6R69R3chEZOp6z3wtyQdCeq6GCQh5FrL47MRWACg%3D%3D
.kaspersky.com/	1970-01-21 00:17:17	Name: FPGSID Value: 1.1729035697.1729035697.G-NSVBRC7S52.kLu04_Cz2-Tl-Ce2oMUV_A
.doubleclick.net/	1970-01-21 04:36:27	Name: receive-cookie-deprecation Value: 1
track.omguk.com/	1970-01-21 01:43:43	Name: OMG-Channel-2325304 Value: Channel%3Dlinkedin
api-router.kaspersky-labs.com/	1970-01-21 00:17:19	Name: country Value: DE
.yandex.ru/	1970-01-21 09:02:51	Name: yashr Value: 3073898081729035697
.kaspersky.com/	1970-01-21 09:53:15	Name: _cls_v Value: 9c37bc29-db7e-472c-b631-ad71772628ca
.kaspersky.com/	1969-12-31 23:59:59	Name: _cls_s Value: afff3208-c0af-4561-a1d3-411dc30559ce:0
.kaspersky.com/	1970-01-21 02:26:51	Name: _fbp Value: fb.1.1729035697149.2036615642
.www.kaspersky.com/	1970-01-21 02:26:51	Name: _fbp Value: fb.2.1729035697282.388947944538100285
track.omguk.com/	1970-01-21 01:43:43	Name: OMGID Value: UUserID%3D%7Bb6c4f1db-1f88-42b9-8507-51c2e759d496%7D%26ReadCount%3D1
track.omguk.com/	1970-01-21 00:17:17	Name: OMGSession Value: SessionID%3D3f82394568d147a8bb948553cde78dc6%26SessionCount%3D1
api-router.kaspersky-labs.com/	1969-12-31 23:59:59	Name: webserver_id Value: 482c993c59e1a674dfe5d4a29f264aa4
.doubleclick.net/	1970-01-21 09:38:51	Name: IDE Value: AHWqTUkiLCUJz77251bm-VwG17O4x-MkT2qGKxsWPFzbcDU6x9UlgFo1nmWRhPT_
.kaspersky.com/	1970-01-21 09:02:51	Name: _ym_uid Value: 1729035697466038471
.kaspersky.com/	1970-01-21 09:02:51	Name: _ym_d Value: 1729035697
.doubleclick.net/	1970-01-21 01:00:27	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 00:17:16	Name: test_cookie Value: CheckForPermission
.yandex.com/	1970-01-21 09:53:15	Name: i Value: YQ92RXdjTCBxNXfPbcbKP1vS4Jl5xMr73tzJmyBQvPo5oesM3siy1PhYrxc75HVvCYpJrLDxdV5jNl2gfyp8kGIbeB8=
.yandex.com/	1970-01-21 09:53:15	Name: yandexuid Value: 8354525921729035697
.yandex.com/	1970-01-21 09:02:51	Name: yashr Value: 9777670781729035697
.mc.yandex.com/	1970-01-21 00:17:16	Name: sync_cookie_csrf Value: 3975547252fake
.kaspersky.com/	1970-01-21 00:18:27	Name: _ym_isad Value: 2
.kaspersky.com/	1969-12-31 23:59:59	Name: rto Value: c0
.linkedin.com/	1970-01-21 09:02:51	Name: bcookie Value: "v=2&7740b152-5140-4c88-8444-7eccfa5af879"
.linkedin.com/	1970-01-21 04:36:27	Name: li_gc Value: MTswOzE3MjkwMzU2OTc7MjswMjHV6ak27anIO4ofYZ9J/ZVw9Ye6IRR9VQNGXGNdfXoVpQ==
.linkedin.com/	1970-01-21 00:18:42	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3469:u=1:x=1:i=1729035697:t=1729122097:v=2:sig=AQFCj1VA9TVxydEFjvXO-IEgFBtHSu8m"
.mc.yandex.ru/	1970-01-21 00:17:16	Name: sync_cookie_csrf Value: 1444008614fake
.kaspersky.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.mc.yandex.com/	1970-01-21 00:18:42	Name: sync_cookie_ok Value: synced
.yandex.ru/	1970-01-21 09:53:15	Name: yandexuid Value: 8354525921729035697
.yandex.ru/	1970-01-21 09:53:15	Name: yuidss Value: 8354525921729035697
.yandex.ru/	1970-01-21 09:53:15	Name: i Value: YQ92RXdjTCBxNXfPbcbKP1vS4Jl5xMr73tzJmyBQvPo5oesM3siy1PhYrxc75HVvCYpJrLDxdV5jNl2gfyp8kGIbeB8=
.yandex.ru/	1970-01-21 09:53:15	Name: yp Value: 1729122097.yu.3699909441729035697
.yandex.ru/	1970-01-21 09:02:51	Name: ymex Value: 1731627697.oyu.3699909441729035697
.kaspersky.com/	1970-01-21 00:17:17	Name: _ym_visorc Value: b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12346775.fls.doubleclick.net
ad.doubleclick.net
alb.reddit.com
api-router.kaspersky-labs.com
b.clarity.ms
bat.bing.com
bat.bing.net
c1001.report.gbss.io
cdn.gbqofs.com
cm.everesttech.net
connect.facebook.net
content.kaspersky-labs.com
dpm.demdex.net
js.go2sdk.com
kas.pr
kaspersky.demdex.net
mc.yandex.com
mc.yandex.ru
media.kaspersky.com
otr.kaspersky.com
pixel-config.reddit.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.analytics.google.com
region1.google-analytics.com
resources.xg4ken.com
s.retargeted.co
sgtm.kaspersky.com
sgtm.kaspersky.de
snap.licdn.com
stats.g.doubleclick.net
t.co
track.omguk.com
unpkg.com
www.clarity.ms
www.dwin1.com
www.facebook.com
www.google.de
www.googletagmanager.com
www.kaspersky.com
www.redditstatic.com
www.dwin1.com
www.kaspersky.com
13.107.42.14
142.250.185.198
151.101.1.140
151.101.129.140
157.240.0.6
162.159.140.229
172.217.18.3
18.203.183.110
18.66.102.43
185.85.15.31
185.85.15.34
185.85.15.47
188.114.97.3
2001:4860:4802:32::15
2001:4860:4802:32::36
2001:4860:4802:36::15
2606:4700::6811:f8cb
2606:4700::6812:1268
2620:1ec:21::14
2620:1ec:33::10
2620:1ec:bdf::64
2620:1ec:c11::237
2a00:1450:4001:82f::2008
2a00:1450:400c:c00::9c
2a02:26f0:3500:10::210:a9a
2a02:6b8::1:119
2a03:2880:f177:185:face:b00c:0:25de
2a04:4e42:200::396
34.247.200.225
34.248.127.197
4.153.129.168
52.18.168.199
52.209.37.110
52.50.176.83
63.140.62.17
77.74.178.40
01981997134b2a7c273f83765781ead8c7d02abf53fcc65ff67ab9b94a955b17
03d5bc1c200dae7b83e77ba62636979f971f30464916a2ea0b7f305f4f9d71dd
094240e4f36bf27aceb9eb5b0ec574bffa4b3898b5eb5895cafd63913c0f62f1
0d55d0f69b01bd8d8aa56adf0f83191893d9df2e1d1cd39e7d8b6a2ec03657c6
0e9946930825f59fa538bd840a51c3fb376bc566cf6b50c070805f30ccff7e71
0f178accba27f1301e705e3b5fa6be50b221d46c0b11d65767e45aed62c8d491
13e67b32514a6f5a06e4d52d9b2349a003a3c6ff8f0b7fbb1c6f1373bbd79f5a
1c954b7f68732846a126fc9d1de0e512e5ecb5b969b29b17c52584d44787f614
1f120dbe60c10831180babf37afc0edb7c01e9f4e7b135cfedc58b3523c887fb
236cf53b37c32b638e679825ae6c3a10519e9a5686205fb0dd02739581a5e8ff
2a0bee86cb7897007c66d44b3008c3f91ff9e1f9a289c97eeff0a0d19c6275a7
2b9ada319495f3f5e77a132ff11a50f125b623457b952636fa86569a83d18b7d
2c6c4f0245d6399bc35650be4281b3fea4e65fb646ecc7b9b945cb31f6795aee
2e85746adfc825e140d0e88733c9aac372e29b173f406890dcdddac6f4a3f17e
2ea680420fdb53bf6538088e6c701b32226f1538cca01fbeb3731c5c97752ce8
3161948f21bf24d9ef8c34e37b7d1790d5cce63c44d982ca9f63bc6b6acbfe99
337549adc4ab6b4e1a831e5ec1f79400cacfce80151c195d77d566e4d1bdf8f1
36b4b4c6757a5d380d22a491759f8a72f54b16791387c3826e69d2546208d4f4
425236642edb45ee76cb7debe11cd8fa14fed0ad8dc1c3eb3677b90d8f637d46
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45da241a91c843b268ada7481cdece1aa679f2720931effea28d83e1398d66a9
4655b3fa8bb88882cc56fa77c0b23f998151b8d5b5d9f210c5f97a4d34985744
48a38019b41ab7e60f0e709b41005447b37c6d84e2d9a75a0f7fdc720630a7c4
49e13ee3649e65ad5e52f6c179486a2e2d4439aff526906228d931527d86bdad
4ca067230ff69d55901256919ecdb5e27f1ff5f3def39fb900ab4134359599c0
4da5f22e1c8d729862c4edb8e50a87ae7c75dd06a452a90e18c097a907e14b5c
4f622a0af5e2151febb626730108cc195956e043f09d15236ac1c29e6836bc1f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
5736a62a53828eff39724e387abc3a29f714dc6d9ea72bbfd36bdd94658b1b0a
5bbd9766838bf11e3ff360ec5cbb60d6ada352fbad7f7691e24f847313b9b1d4
5c54cc8e69105dc466ad9aee124d9c497b0e11711ad4eb662ac941926a28bf06
6549b0bd802384c2eaf17d2f7d58037ce1213a8f0c2c46dbe617f9ccc2a8f4f2
68094d9d26831b5a6e71c5c2d21bfce61cb9f643e4a2ef8dbc3f71ca3250a302
688ea52c7291b980af811cab2dfc8af5ebb15a01555ddc0f3f312db77b059b74
6e20c63fdbef629360cfcdbfba401fdaac790109bbf22cd7cb989e6b5e435167
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
727c26cb2ad26384a9d898bac337bc163444b2e4374bc2d67592349fb017b561
762b529c10934657f8b85c9efd8f31eeb264f0f88670caa033e3faa57b407149
7816f7283252e8add34d3f954e7ec98dcc5f8f1887c21995da5eca810b11e52b
7bcac2f13babd56a9bf9a412b32131296cab3168c150eb5baa6f4c451bb831f2
7ee5cd71bb444fcc52f4d9870470c9765f370af7d8d56112316d1da2c365096d
7fdda5ddd8001e766bee42d7453e03559a1f1c6d7f83d215a9d0530c2734df77
814f6458d81ef30a5d67fe75f61a3ab41ebd1bd309363d1de94f7e1cc88c40fd
873dd00c62f6ac134a3fad5016d0921cdbd43a52c9f9aa4e6cd987e90aa3d2a5
8a27dc7b44ebe886390bfa0a9beeea36ea5a3f37479f0e0836b6c9b80d9b35ed
8c4e1c4dcc2455b5c1165341e5fe88567639ccd343539e73f13b0d97f50290d3
8fd091a2ebad5f0484ab5e2305a8a09ace24461a7d5a11bed0b7b467f1d42f9b
92f0b7914baf79b9fd35926c4a2f2e933dac882dfea5a2620fb43f63a78c3e6b
9344b6a4db3db16dee581361244125a03a353c2ed0f5f701d83dc2be552d07c4
9e4a708d0846160e708374e1d3f12627ce27f0b3391f59ccdce433b39838fd60
a3d602cb463bf851d1804c5b7fb88ea6884b7ddbe239c31789cc0c37fb81ccdb
a4022f24f1b6f18ba43b046f2a062abc91ecfcbed07799abc7caab6b2f1f554e
a5d930fb9951e4f30eaf140d04ab1cee09f4ca98485d1d0aa486c74a6b931b01
a88a06b68c90f3bc772ab2990bf27ce1f2796c09f5ac2a46e40dccc5d4ee7e27
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b07dbb2ece7db359d5ba702f1e46fdc12fbaf42a1289a0eb8bf604dfcb60719f
b1fc9738970b7946c95e587842c44cad8f82bc593006a87b9faa3378e91ca96e
b25055093b55b69719e398dd7b011c21a096496c195abf670238ce8ac8e5e4c6
b4d9ea2495c3e74cb980fd0ebc0e55a12697433372a8569c1f87365f2758d238
c040cf25646dec3acaf9e23595fe095b35321d477995cc7db992c74d510973e2
c3be590171c0375d497714a608a5c4cd4e90e124e1c0cff1807cd8adb156e64b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc801ce0c56b23a865f8db45353f3d6b22b4a29c3728cf05d4634e181cbed937
cfc8c57315a84b35e30206c48d2538991cb96893991c97ea5988c794748f8b4a
d10c7d53b09492756c067f494718810aba6a3e1a42a792fc0953526873650b14
d5a8e914b5473bc97399172800d3e0bbc1c21f0e8f3908eae0a54b06fffdc3fb
d656066adb8d0609526683c02e8c776d2a45f3efb28e98e836baaa4feb19b73a
dd312f1ffc0d7531838f3b69bfefff3adee2f4acc469261a9137af1ee034af3c
df06d41193dbda411c560473016e45ebe8fc845de91c0cb034636e3a93b7ee1d
e0ec54f4555ff0d104bede41ef1c87356f86dd9ab5a0cb92bf64c65edca2906d
e2e412bb9397374af8c5114e9dc36eabd38097299b40c01996a8f3552a32378f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e73149c1f23d4365400de58d3cdaffa1798e03e4621afab281f598da66120b24
ebefb9fcffacc72b520e93be5a0d928e635a9767819fd451fe8291f2dce092ae
ecf0ea9cd48d08f9434e0f7059452ba055c62941d101966e8c5026f558fb62a7
ef0d78292aef54da144a94dcb307a6a8fdafb55f95138d5ed68690f162635847
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19b9d5458426390e1e42ca4ab00ab81ab3494878fe7c56b6000b6dda1ab742
f18c733ec55ba474027d9cb1e2e0924aecc686c282150c68c0cf1015d93f3460
f453d7bb5a2e85607c6352d45c7a5be89c3baddd0e9a13ca99e42a27e046ae93
fcc5d1b6fc914038230c64d5380b6018a885f57c1e7d76ee7e0ef1bd175f48d2
fdc3aaf28a5f2a1b804039c6a2ea2c3a934ee7a2af47963f45caf826484b4b02

www.kaspersky.com Open in urlscan Pro 185.85.15.47 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

106 Requests

95 %HTTPS

42 %IPv6

31 Domains

41 Subdomains

35 IPs

7 Countries

1932 kBTransfer

5727 kBSize

60 Cookies

72 Outgoing links

Page URL History

Redirected requests

106 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kaspersky.com Open in urlscan Pro
185.85.15.47 Public Scan

Screenshot
Live screenshot

Full Image

106
Requests

95 %
HTTPS

42 %
IPv6

31
Domains

41
Subdomains

35
IPs

7
Countries

1932 kB
Transfer

5727 kB
Size

60
Cookies

106 HTTP transactions
0 data transactions