URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Submission: On November 11 via api from IN — Scanned from IT

Summary

This website contacted 33 IPs in 4 countries across 28 domains to perform 122 HTTP transactions. The main IP is 199.60.103.226, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is www.itsec.ru.
TLS certificate: Issued by WE1 on September 19th 2024. Valid for: 3 months.
This is the only time www.itsec.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
35 199.60.103.226 209242 (CLOUDFLAR...)
6 9 104.18.91.62 13335 (CLOUDFLAR...)
10 141.101.90.96 13335 (CLOUDFLAR...)
2 142.250.184.200 15169 (GOOGLE)
4 6 172.64.146.132 13335 (CLOUDFLAR...)
10 52.219.171.147 16509 (AMAZON-02)
1 23.206.209.244 16625 (AKAMAI-AS)
1 195.146.82.42 8241 (RELLINE-AS)
1 104.17.172.91 13335 (CLOUDFLAR...)
4 9 87.250.251.119 13238 (YANDEX)
2 157.240.0.6 32934 (FACEBOOK)
1 4 87.240.137.164 47541 (VKONTAKTE...)
1 216.58.212.170 15169 (GOOGLE)
2 104.18.10.207 13335 (CLOUDFLAR...)
2 142.250.185.227 15169 (GOOGLE)
1 172.65.238.60 13335 (CLOUDFLAR...)
1 172.65.239.55 13335 (CLOUDFLAR...)
3 172.65.236.181 13335 (CLOUDFLAR...)
1 172.65.202.201 13335 (CLOUDFLAR...)
2 141.101.90.99 13335 (CLOUDFLAR...)
2 142.250.185.78 15169 (GOOGLE)
1 142.250.186.78 15169 (GOOGLE)
1 64.233.166.154 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
1 1 104.16.118.116 13335 (CLOUDFLAR...)
2 172.65.198.159 13335 (CLOUDFLAR...)
1 93.158.134.119 13238 (YANDEX)
2 157.240.253.35 32934 (FACEBOOK)
4 172.65.232.43 13335 (CLOUDFLAR...)
14 172.65.240.166 13335 (CLOUDFLAR...)
1 172.65.193.34 13335 (CLOUDFLAR...)
1 172.217.16.196 15169 (GOOGLE)
1 142.250.184.195 15169 (GOOGLE)
122 33
Apex Domain
Subdomains
Transfer
35 itsec.ru
www.itsec.ru
157 KB
21 hubspot.com
no-cache.hubspot.com Failed
js-eu1.hubspot.com — Cisco Umbrella Rank: 22267
app-eu1.hubspot.com — Cisco Umbrella Rank: 43929
cta-service-cms2.hubspot.com — Cisco Umbrella Rank: 3687
cta-eu1.hubspot.com — Cisco Umbrella Rank: 22487
track-eu1.hubspot.com — Cisco Umbrella Rank: 16632
forms-eu1.hubspot.com — Cisco Umbrella Rank: 58156
47 KB
10 amazonaws.com
hubspot-no-cache-eu1-prod.s3.amazonaws.com — Cisco Umbrella Rank: 230848
21 KB
10 hubspotusercontent-eu1.net
2037604.fs1.hubspotusercontent-eu1.net
552 KB
9 hubspot.net
cdn2.hubspot.net — Cisco Umbrella Rank: 8959
77 KB
6 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9307
4 KB
5 hubspotusercontent-na1.net
7052064.fs1.hubspotusercontent-na1.net
273774.fs1.hubspotusercontent-na1.net — Cisco Umbrella Rank: 157993
2037604.fs1.hubspotusercontent-na1.net
5 KB
4 hsforms.com
perf-eu1.hsforms.com — Cisco Umbrella Rank: 23134
5 KB
4 vk.com
vk.com — Cisco Umbrella Rank: 7443
19 KB
4 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 4610
131 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
278 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
td.doubleclick.net — Cisco Umbrella Rank: 192
552 B
2 google.com
analytics.google.com — Cisco Umbrella Rank: 147
www.google.com — Cisco Umbrella Rank: 3
1 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
21 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1113
83 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
78 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
199 KB
1 hubapi.com
api-eu1.hubapi.com — Cisco Umbrella Rank: 24869
629 B
1 usemessages.com
js-eu1.usemessages.com — Cisco Umbrella Rank: 35948
26 KB
1 hs-banner.com
js-eu1.hs-banner.com — Cisco Umbrella Rank: 16099
20 KB
1 hsleadflows.net
js-eu1.hsleadflows.net — Cisco Umbrella Rank: 74305
92 KB
1 hs-analytics.net
js-eu1.hs-analytics.net — Cisco Umbrella Rank: 16335
25 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
1 KB
1 hsappstatic.net
static.hsappstatic.net — Cisco Umbrella Rank: 5807
5 KB
1 groteck.ru
direct.groteck.ru
786 B
1 hubspotusercontent00.net
fs.hubspotusercontent00.net — Cisco Umbrella Rank: 118235
176 B
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 4785
122 28
Domain Requested by
35 www.itsec.ru www.itsec.ru
js-eu1.usemessages.com
14 track-eu1.hubspot.com
10 hubspot-no-cache-eu1-prod.s3.amazonaws.com www.itsec.ru
10 2037604.fs1.hubspotusercontent-eu1.net www.itsec.ru
9 cdn2.hubspot.net 6 redirects www.itsec.ru
2037604.fs1.hubspotusercontent-eu1.net
6 mc.yandex.com 3 redirects www.itsec.ru
mc.yandex.ru
4 perf-eu1.hsforms.com www.itsec.ru
4 vk.com 1 redirects www.itsec.ru
4 mc.yandex.ru 1 redirects www.itsec.ru
3 2037604.fs1.hubspotusercontent-na1.net 3 redirects
2 www.facebook.com www.itsec.ru
2 cta-eu1.hubspot.com www.itsec.ru
js-eu1.hubspot.com
2 app-eu1.hubspot.com www.itsec.ru
js-eu1.usemessages.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
2 maxcdn.bootstrapcdn.com 2037604.fs1.hubspotusercontent-eu1.net
maxcdn.bootstrapcdn.com
2 connect.facebook.net www.itsec.ru
connect.facebook.net
2 www.googletagmanager.com www.itsec.ru
www.googletagmanager.com
1 www.gstatic.com www.google.com
1 www.google.com js-eu1.hsleadflows.net
1 forms-eu1.hubspot.com js-eu1.hsleadflows.net
1 cta-service-cms2.hubspot.com 1 redirects
1 api-eu1.hubapi.com www.itsec.ru
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 js-eu1.usemessages.com www.itsec.ru
1 js-eu1.hs-banner.com www.itsec.ru
1 js-eu1.hubspot.com www.itsec.ru
1 js-eu1.hsleadflows.net www.itsec.ru
1 js-eu1.hs-analytics.net www.itsec.ru
1 273774.fs1.hubspotusercontent-na1.net 2037604.fs1.hubspotusercontent-eu1.net
1 fonts.googleapis.com 2037604.fs1.hubspotusercontent-eu1.net
1 static.hsappstatic.net www.itsec.ru
1 direct.groteck.ru www.itsec.ru
1 fs.hubspotusercontent00.net 1 redirects
1 s7.addthis.com www.itsec.ru
1 7052064.fs1.hubspotusercontent-na1.net www.itsec.ru
0 no-cache.hubspot.com Failed www.itsec.ru
122 39
Subject | Issuer | Validity | Valid
www.itsec.ru | WE1 | 2024-09-19 - 2024-12-18 | 3 months
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
hubspotusercontent-na1.net | WE1 | 2024-10-27 - 2025-01-26 | 3 months
*.s3.amazonaws.com | Amazon RSA 2048 M01 | 2024-04-22 - 2025-04-07 | a year
odc-addthis-prod-01.oracle.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-09 - 2024-12-11 | a year
*.groteck.ru | E5 | 2024-09-09 - 2024-12-08 | 3 months
hubspot.net | WE1 | 2024-10-07 - 2025-01-05 | 3 months
hsappstatic.net | WE1 | 2024-11-04 - 2025-02-02 | 3 months
mc.yandex.ru | GlobalSign ECC OV SSL CA 2018 | 2024-10-20 - 2025-04-01 | 5 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-20 - 2024-11-18 | 3 months
*.vk.com | GlobalSign ECC OV SSL CA 2018 | 2024-10-04 - 2025-03-02 | 5 months
upload.video.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
bootstrapcdn.com | WE1 | 2024-09-20 - 2024-12-19 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
hs-analytics.net | WE1 | 2024-10-07 - 2025-01-05 | 3 months
hsleadflows.net | WE1 | 2024-09-29 - 2024-12-28 | 3 months
hubspot.com | WE1 | 2024-10-03 - 2025-01-01 | 3 months
hs-banner.com | WE1 | 2024-09-24 - 2024-12-23 | 3 months
usemessages.com | WE1 | 2024-10-06 - 2025-01-04 | 3 months
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
hubapi.com | WE1 | 2024-11-07 - 2025-02-05 | 3 months
hsforms.com | WE1 | 2024-10-10 - 2025-01-08 | 3 months
www.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 4 frames:

Primary Page: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Frame ID: 0FE72E5E9A5E620DB45223F26DC8BA61
Requests: 119 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-7VCBG2SCQS&gacid=1813968562.1731333400&gtm=45je4b70v9119679395za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629&z=504995217
Frame ID: 03A1095E840E74295730059E59AA3FDD
Requests: 1 HTTP requests in this frame

Frame: https://mc.yandex.com/metrika/metrika_match.html
Frame ID: 825272DBF2880B23C88FEDE5D6A0582A
Requests: 1 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/conversations-visitor/2037604/threads/utk/2105aeaa4c1343e793382bf633a7331a?uuid=1f4ccd1d1e8444f298e1e44c82d43dbe&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=itsec.ru&inApp53=false&messagesUtk=2105aeaa4c1343e793382bf633a7331a&url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=true&hideScrollToButton=true&isIOSMobile=false
Frame ID: F87AFFA9011371017E53C168B99B40DE
Requests: 1 HTTP requests in this frame

Page Title

Androxgh0st botnet actively hunts servers and Internet of Things devices

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Overall confidence: 100%
Detected patterns
  • addthis\.com/js/

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 122
HTTPS: 86 %
IPv6: 0 %
Domains: 28
Subdomains: 39
IPs: 33
Countries: 4
Transfer: 1848 kB
Size: 5200 kB
Cookies: 39

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
Request Chain 10
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
Request Chain 15
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Request Chain 16
  • https://cdn2.hubspot.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg
Request Chain 20
  • https://cdn2.hubspot.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg
Request Chain 33
  • https://fs.hubspotusercontent00.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png
Request Chain 53
  • https://2037604.fs1.hubspotusercontent-na1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg
Request Chain 55
  • https://2037604.fs1.hubspotusercontent-na1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg
Request Chain 56
  • https://vk.com/js/api/openapi.js?168 HTTP 302
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Request Chain 73
  • https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-embed-js-static-1.323&rdy=1&cos=1&df=t&pg=1693d999-d02f-419f-bfb0-6ce57d598953&pg=45d90f48-7344-4e0d-a231-c951317dc6a7&pg=8af81c11-2396-4bf7-ae21-cc7da1369356&pg=ca0ec86d-029f-4743-ae4b-fa8076656ff3&pg=24d42685-c73d-44f9-a545-50c130655423&pg=1b22075b-9a31-425e-99b6-54bc096713d0&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=8df04822-3674-4a3c-99e2-baf7ab9c8590&pg=40178650-0529-4d70-8b82-b647c1d9909b&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=cf2d2246-b1ea-4037-9527-5b8285104d69 HTTP 307
  • https://cta-eu1.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-embed-js-static-1.323&rdy=1&cos=1&df=t&pg=1693d999-d02f-419f-bfb0-6ce57d598953&pg=45d90f48-7344-4e0d-a231-c951317dc6a7&pg=8af81c11-2396-4bf7-ae21-cc7da1369356&pg=ca0ec86d-029f-4743-ae4b-fa8076656ff3&pg=24d42685-c73d-44f9-a545-50c130655423&pg=1b22075b-9a31-425e-99b6-54bc096713d0&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=8df04822-3674-4a3c-99e2-baf7ab9c8590&pg=40178650-0529-4d70-8b82-b647c1d9909b&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=cf2d2246-b1ea-4037-9527-5b8285104d69
Request Chain 76
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10550.f1WFe9J5tIQ3L9fG5Vf0jRBEhJlhA6GAZeRNLpUad9t9v6QsDizXPghEr6dEcwjC.j7zyCc9vrfsvXYeeBuks2Yg7zyg%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=10550.le97joZwuZM9GRt2MqoW7NS1wwoS_tyL45CrCcRYZqeSGW4AvzjUN8jqeDHi4R6hPtjVfRurOs4OBFn97QEyZs6gfN4GRJ5H4JmRWZ13Yis6-ov5VT-aOhChnZ8YMCyqeWHECAV9-7uFwr5UAX4tQo0WgmQ5w9Fd_vpxWXb5nkM4Aa-0XKKkD03N5FHMiH9Bbb5zfCsB4CjbkIF9DjKaWd6Gb1CsDL2eCf2djG5XjpE%2C.gAMVEquPc5uqFN2Z0MVUwFbDiSs%2C HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.gXwwyR5KYFBgntY_WQvIWKqDmymO4CarFH_tzira5l8ds833wvZEtj5_NcB_TtRlEYC6Rk3yLZvdux6XE7D1xVdXOU6-SLqplrAa8a-g7fH8hGDnV02en9zuf6IUn7ZZtRmzRApCd2GYyiJZoANZBj34AT9f11CmXlaw-rYFshdp4kTuulKIr2xnO3Qex6-YHoih4lRM1v2jFNuEEetx_g%2C%2C.kJT6vUU7O7o925aBl3Km6YNdfJU%2C
Request Chain 82
  • https://mc.yandex.com/watch/68360557?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A423533612494%3Ahid%3A175009476%3Az%3A60%3Ai%3A20241111145640%3Aet%3A1731333400%3Ac%3A1%3Arn%3A910004072%3Arqn%3A1%3Au%3A1731333400997179714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3895%3Awv%3A2%3Ads%3A35%2C688%2C1075%2C118%2C0%2C0%2C%2C2038%2C71%2C%2C%2C%2C4414%3Aco%3A0%3Acpf%3A1%3Ans%3A1731333395777%3Agi%3AR0ExLjEuMTgxMzk2ODU2Mi4xNzMxMzMzNDAw%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731333401%3At%3A%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)rcm(1)cdl(na)eco(42009088)ti(1) HTTP 302
  • https://mc.yandex.com/watch/68360557/1?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A423533612494%3Ahid%3A175009476%3Az%3A60%3Ai%3A20241111145640%3Aet%3A1731333400%3Ac%3A1%3Arn%3A910004072%3Arqn%3A1%3Au%3A1731333400997179714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3895%3Awv%3A2%3Ads%3A35%2C688%2C1075%2C118%2C0%2C0%2C%2C2038%2C71%2C%2C%2C%2C4414%3Aco%3A0%3Acpf%3A1%3Ans%3A1731333395777%3Agi%3AR0ExLjEuMTgxMzk2ODU2Mi4xNzMxMzMzNDAw%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731333401%3At%3A%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Request Chain 114
  • https://cdn2.hubspot.net/hubfs/2037604/favicon-3.ico HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/favicon-3.ico
Request Chain 120
  • https://2037604.fs1.hubspotusercontent-na1.net/hubfs/2037604/negotiations_business.jpg HTTP 307
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/negotiations_business.jpg

122 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot
www.itsec.ru/news/
574 KB
55 KB
Document
General
Full URL
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
62758c613310935597d50349cd757f0286bd0d3fe5d78e1e798b4b973d7a9c25
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
alt-svc
h3=":443"; ma=86400
cache-control
s-maxage=7200,max-age=5
cache-tag
CT-187281761483,CG-6551927956,P-2037604,L-6777699128,L-6777699133,L-6777699136,L-6777699138,L-6777699140,L-6777699505,W-4618363599,W-6777520517,CW-36150343388,CW-52505080065,CW-6398576984,CW-6400382884,CW-75803801515,CW-77339487506,E-52505079992,E-52505891116,E-52506035092,E-6718423179,MENU-6777520517,PGS-ALL,SW-0,B-6545412444,B-6551927956,GC-27863841279,GC-34052845475,GC-36150963523
cf-cache-status
EXPIRED
cf-ray
8e0ec9606ab74c48-MXP
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html;charset=utf-8
date
Mon, 11 Nov 2024 13:56:37 GMT
edge-cache-tag
CT-187281761483,CG-6551927956,P-2037604,L-6777699128,L-6777699133,L-6777699136,L-6777699138,L-6777699140,L-6777699505,W-4618363599,W-6777520517,CW-36150343388,CW-52505080065,CW-6398576984,CW-6400382884,CW-75803801515,CW-77339487506,E-52505079992,E-52505891116,E-52506035092,E-6718423179,MENU-6777520517,PGS-ALL,SW-0,B-6545412444,B-6551927956,GC-27863841279,GC-34052845475,GC-36150963523
last-modified
Mon, 11 Nov 2024 13:56:37 GMT
link
</hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js>; rel=preload; as=script, </hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/cos-i18n/static-1.53/bundles/project.js>; rel=preload; as=script, </hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js>; rel=preload; as=script, </hs/hsstatic/slick/static-1.56/bundles/project.js>; rel=preload; as=script
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000
vary
origin, Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
770
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/cms-td/envoy-proxy-6c8cd89f4f-5lt89
x-evy-trace-virtual-host
all
x-hs-cache-config
BrowserCache-5s-EdgeCache-7200s
x-hs-content-campaign-id
2def7bc5-049c-4987-956e-9db160f021f7
x-hs-content-id
187281761483
x-hs-hub-id
2037604
x-hubspot-correlation-id
e253a9bd-d2fe-464f-a13a-e5c0262a7a16
x-request-id
e253a9bd-d2fe-464f-a13a-e5c0262a7a16
comment_listing_asset.js
www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/
8 KB
3 KB
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
043cfebfa4ec302e0368eadbae54853a5b6caff633b3d1e02a32f2cd2f71e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"2455723721db341ff86a4f64384a9c0d"
age
1157842
x-amz-version-id
4D3b_.jtdSCbU1XTktruWk73HT0wxWk7
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
JqC__lMwR2vocz6zmWxTSGnUnB0k8EFUV3C6piLRRbqBaMZB_aa6HQ==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Fri, 17 Dec 2021 15:26:09 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 3252b1165fb05fd246176fba3cd1b1a4.cloudfront.net (CloudFront)
cf-ray
8e0ec9675d0a4c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
project.js
www.itsec.ru/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/
2 KB
713 B
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/keyboard-accessible-menu-flyouts/static-1.17/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb56af9f7623a55839dfb9cf019b05664a62e1b41671d925f3ed587c506443b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"ef84f26c310485299d6b75777414eddb"
age
544371
x-amz-version-id
gEenO44eZUewxnIWfgj9q6LB.g9OszNv
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
eTB0rxYIBjNG86xf41L37dRjg1i1Gc9l9NddNNzWwQtJejKwXh5rHg==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Wed, 19 Aug 2020 22:24:11 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 a366fd20fbfe4c17553696da0b2bf4ee.cloudfront.net (CloudFront)
cf-ray
8e0ec9675d0f4c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
project.js
www.itsec.ru/hs/hsstatic/cos-i18n/static-1.53/bundles/
1 KB
998 B
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/cos-i18n/static-1.53/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8da927b6b1240ffca4323fbb2a12c8e5abb541040965c2bc5b7d09a2eb963b02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"61ca66de658cab9587e4636894680d5d"
age
307720
x-amz-version-id
P9ES7sOpFzrLl1QoRwjEAy5outPo5_GO
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
eBYTj8FN1JnCzNz_NZ5NwDhkWWotkv2CYkHwHNx3aytwenCGKdptnQ==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Tue, 09 Nov 2021 16:12:42 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 61beea9b7a54f47fca4ae4dea3f52fa2.cloudfront.net (CloudFront)
cf-ray
8e0ec9675d114c48-MXP
x-amz-cf-pop
MXP63-P3
server
cloudflare
x-amz-server-side-encryption
AES256
post_listing_asset.js
www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/
3 KB
2 KB
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e7902d12bed414b23fd30c7019fc0fe08d03b14984beb21e486aaa59135f803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"d95d7dafd49a1edc76a47120c287b579"
age
373003
x-amz-version-id
nC1hzr07YsutChb9rCwKsMoiyxip8lR7
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
jthHLKpaYliTaRLdEvPa9ptIQZQIu6_3RYqvVCdA7XyuJSpgN7Bs5g==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 cb210b32cb63accb1dee8d789e368c9c.cloudfront.net (CloudFront)
cf-ray
8e0ec9675d154c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
project.js
www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/
50 KB
13 KB
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/project.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
78c1067f132eea7b2016db8fbd1598ff3aa7cf2783b9b015af6fea7c7e9857c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"7e0bd17ac00ad4e2d26b2b779ea1d288"
age
287310
x-amz-version-id
285q1HdqrQ_hZ9ueMBR8vfvbABji4sCd
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
x-YSArWiyoi0h8MZq6cjFdMH1vVx2kGU2j_yb5y7Kfvgw3JzBDzKBw==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Tue, 29 Sep 2020 17:48:04 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 8853e755172ae4b8edf004ee2c19d508.cloudfront.net (CloudFront)
cf-ray
8e0ec9675d194c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
jquery-1.11.2.js
www.itsec.ru/hs/hsstatic/jquery-libs/static-1.4/jquery/
94 KB
33 KB
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/jquery-libs/static-1.4/jquery/jquery-1.11.2.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"5790ead7ad3ba27397aedfa3d263b867"
age
383328
x-amz-version-id
null
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
SmqDIXSSLq_kbMgH8VyHuLYDewvyVNt1jEvx-HLhXEMYBbf3IIEeyg==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
application/javascript
last-modified
Thu, 08 Jan 2015 18:08:00 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
cache-control
public, max-age=31536000
via
1.1 b2cad6abf512e2a0102db7f82b0bbb90.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad8c4c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
quick-action.min.css
www.itsec.ru/hs-fs/hub/2037604/hub_generated/template_assets/52505891116/1728392821257/marketplace/Neambo/Act3/css/components/
994 B
1 KB
Stylesheet
General
Full URL
https://www.itsec.ru/hs-fs/hub/2037604/hub_generated/template_assets/52505891116/1728392821257/marketplace/Neambo/Act3/css/components/quick-action.min.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b3caa9cbca43a94839d5e6c42a67b64c2d418612b834851f794556d361f6a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
ea8fcf5b-1733-4cc5-abd6-abb805985434
content-encoding
br
cf-cache-status
HIT
etag
W/"12d7a9f6485403ee1e49643b327b647f"
x-amz-version-id
FYGiGaXAtzu8fhhMnPcZrMFP405WCfjr
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
emIn4cyNhnynfaqcu64COh0OkI8lF9F4KTTU8uyoWbERPlS8QYnHOw==
x-hubspot-correlation-id
ea8fcf5b-1733-4cc5-abd6-abb805985434
content-type
text/css
last-modified
Tue, 08 Oct 2024 13:07:03 GMT
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900,s-maxage=31536000, max-age=31536000
x-evy-trace-served-by-pod
fra04/cms-hubfs-td/envoy-proxy-65bcf79b59-l66kl
x-envoy-upstream-service-time
69
x-amz-request-id
770XNNJP7Z8SJGB4
x-hs-alternate-content-type
text/plain
server
cloudflare
x-evy-trace-virtual-host
all
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
x-amz-server-side-encryption
AES256
x-amz-storage-class
INTELLIGENT_TIERING
date
Mon, 11 Nov 2024 13:56:37 GMT
vary
origin, Accept-Encoding
x-amz-id-2
iNhv8Xiaoya+RWHFyWqDdCcQfSM8p60HzyCWW37qBfgJi/7ujMJHmhdS7Wdv5oBR9eDZ+e8XWt+6ajtaGeXAFoQsIrwOhwPOej2/Oi2Sk+o=
strict-transport-security
max-age=31536000
timing-allow-origin
www.itsec.ru
access-control-allow-credentials
false
via
1.1 6be461c5a9399007c1540eee90371674.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad854c48-MXP
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P7
x-amz-meta-created-unix-time-millis
1728392822285
project.css
www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/
10 KB
2 KB
Stylesheet
General
Full URL
https://www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/project.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f297a0c1c0dc0a5fb9c70931b275504c7b3dd7d68d849d2fb9f55f023b900e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"c93c620923e2a0ce4dded14e05c27430"
age
219742
x-amz-version-id
TXZCkzFJMTLo6q0VOuNJubRglA3llCdh
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
E_jwM1eNpvr5ck63lVhoQr2KM6NMoZVjZlSe72dXt3CM4_3hZxDZZQ==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
text/css
last-modified
Tue, 29 Sep 2020 17:48:04 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 92f3d3fb9fe3ca5166aa49ba6fcab7b6.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad874c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
legacyGalleryModule.css
www.itsec.ru/hs/hsstatic/legacy-module-support/static-1.27/bundles/
5 KB
1 KB
Stylesheet
General
Full URL
https://www.itsec.ru/hs/hsstatic/legacy-module-support/static-1.27/bundles/legacyGalleryModule.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a412d7febfee5f30a62c8f7d2c034b1202a9b416ce0a916f952a2a148112fa4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"95a11418ebd74374fe44b9027e0fdc3d"
age
546144
x-amz-version-id
Wqc42IPO8GyArRHYiHkcldzJwXIhUDs9
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
Y5B7BGJWrrN0_xSN2zhgnaKj_t68EI-Y_tQ_DCcyToRjOj9IAsXF7A==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
text/css
last-modified
Wed, 19 Aug 2020 22:24:37 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 e298c8505f602b30437cc1a6af7c98ca.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad884c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/
Redirect Chain
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
239 B
712 B
Stylesheet
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929aee5623a45fbec3107f91d7a819afb5e259803e071a0fc957619bbe0356b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
x-request-id
12152e75-9dd6-43fc-8359-0709f81ae657
content-encoding
br
cf-cache-status
HIT
etag
W/"fffdde7016b5709f9c0edc804bb3925a"
access-control-allow-methods
GET
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:38 GMT
x-hubspot-correlation-id
12152e75-9dd6-43fc-8359-0709f81ae657
content-type
text/css
last-modified
Thu, 25 Jan 2024 22:04:51 GMT
vary
Accept-Encoding
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
x-evy-trace-served-by-pod
fra04/cms-cdn2-td/envoy-proxy-55d689dc88-wtjdr
x-envoy-upstream-service-time
46
cf-ray
8e0ec96e58160e11-MXP
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
server
cloudflare
x-amz-meta-created-unix-time-millis
1656065495678
x-amz-server-side-encryption
AES256

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/77339487506/1656065495678/module_77339487506_Related_Posts_by_Groteck_copy_6.min.css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gA5R7zZmMq8ibOuBpqMQ7dwYQ0%2B2JyOJZGG89i4RBnP%2Br5PJKMA2RVqfR97y2QoNnKlUFJ1XksEQycwyOzVicDzsRBaliXWj5J1bEQpDoeMNKyEiLTXBpqK9EZOz1Kp7oMU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec96a68b9526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
Accept-Encoding
server
cloudflare
module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/
Redirect Chain
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
239 B
340 B
Stylesheet
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
929aee5623a45fbec3107f91d7a819afb5e259803e071a0fc957619bbe0356b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
x-request-id
7ee8a784-3e2d-4093-9075-b77b45f14b4c
content-encoding
br
cf-cache-status
HIT
etag
W/"fffdde7016b5709f9c0edc804bb3925a"
access-control-allow-methods
GET
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:38 GMT
x-hubspot-correlation-id
7ee8a784-3e2d-4093-9075-b77b45f14b4c
content-type
text/css
last-modified
Thu, 25 Jan 2024 21:17:54 GMT
vary
Accept-Encoding
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
x-evy-trace-served-by-pod
fra04/cms-cdn2-td/envoy-proxy-fcb446d4b-9jjft
x-envoy-upstream-service-time
102
cf-ray
8e0ec96e581c0e11-MXP
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
server
cloudflare
x-amz-meta-created-unix-time-millis
1655301816571
x-amz-server-side-encryption
AES256

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/module_assets/75803801515/1655301816571/module_75803801515_Related_Posts_by_Groteck_copy_3.min.css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K5D6tj79LooajHQti17jW1CDccviky2fGsnwtdz0i6VyFINoKOEWvyLxl3O%2Bd%2BW%2BqSZle4wtwU%2FYxPvBV0rHvjvOzQAWP86Mn5atMlXHvwFVcTqRJ1xVoJwMxaMAJxHq5W4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec96a68bc526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
Accept-Encoding
server
cloudflare
comments_listing_asset.css
www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/sass/
1 KB
702 B
Stylesheet
General
Full URL
https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/sass/comments_listing_asset.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed92c951c39983af4f5fac78a5bab4c390b3faf7c46e2a35256ee38f5443ffa2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"6b1d31d121f4c84e5ee3b7d7446495d8"
age
299454
x-amz-version-id
LQgaE1SSZjkxZtePb5jE9vLc6kDw7LTx
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
wMzjdcYklTtLbOreUi9Pezx6vTE7DZQjt-WSqOS2oCq5oq2vQ9HtzQ==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
text/css
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 e298c8505f602b30437cc1a6af7c98ca.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad8a4c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
rss_post_listing.css
www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/sass/
910 B
413 B
Stylesheet
General
Full URL
https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/sass/rss_post_listing.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
723fbf8d73cd4e75f64f7d21558585aa1658b11332e87bd288f6987e398ecfb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e1b521ec14a912d6d385c21388ec7d79"
age
557369
x-amz-version-id
YluxiXaQWSQWC28IUPv3NXYXDi68ylxl
expires
Tue, 11 Nov 2025 13:56:37 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
IN5R_ZqAxcmKzX7letRJH-GXIrtV7KJApWPimlI7n6J9Zuxjhq-cOQ==
date
Mon, 11 Nov 2024 13:56:37 GMT
content-type
text/css
last-modified
Fri, 17 Dec 2021 15:26:10 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 3252b1165fb05fd246176fba3cd1b1a4.cloudfront.net (CloudFront)
cf-ray
8e0ec967ad8b4c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
222 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115765294-3
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e5f33bb8abc8d2a877b1a18013e42557250d53b75cd4e017d69215f7c97ee8ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 11 Nov 2024 13:56:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 11 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
81187
x-xss-protection
0
server
Google Tag Manager
layout.min.css
7052064.fs1.hubspotusercontent-na1.net/hub/7052064/hub_generated/template_assets/1731097606020/hubspot/hubspot_default/shared/responsive/
4 KB
2 KB
Stylesheet
General
Full URL
https://7052064.fs1.hubspotusercontent-na1.net/hub/7052064/hub_generated/template_assets/1731097606020/hubspot/hubspot_default/shared/responsive/layout.min.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
356bb4bf2245a68ee5de5732b5574260dd2016a2c3987e17ad97fb2586a883d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-request-id
80fdbe0a-8a0d-41c1-9117-bfb35f3fcc66
content-encoding
gzip
cf-cache-status
HIT
etag
W/"fda5882b24ca5a84d04d090722dc713b"
age
220185
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:38 GMT
x-hubspot-correlation-id
80fdbe0a-8a0d-41c1-9117-bfb35f3fcc66
content-type
text/css
last-modified
Fri, 08 Nov 2024 20:26:47 GMT
vary
Accept-Encoding
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
7052064.fs1.hubspotusercontent-na1.net
x-evy-trace-served-by-pod
iad02/cms-cdn2-td/envoy-proxy-7bc7b84c58-x9qbl
x-envoy-upstream-service-time
179
cf-ray
8e0ec96a5bb40e43-MXP
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
IAD61-P1
x-hs-alternate-content-type
text/plain
server
cloudflare
x-amz-meta-created-unix-time-millis
1731097606657
x-amz-server-side-encryption
AES256
Act2_IS.min.css
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/
Redirect Chain
  • https://cdn2.hubspot.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
321 KB
64 KB
Stylesheet
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5857068841f475de9a975ab1d593c40cead0b5e9d3d27e57ca0642cfa3e0fd0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
x-request-id
038b2061-47b4-4203-80d6-39a3c580a5a6
content-encoding
gzip
cf-cache-status
HIT
etag
W/"49578e9ce83ce9c9739dd5ac61042582"
access-control-allow-methods
GET
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:38 GMT
x-hubspot-correlation-id
038b2061-47b4-4203-80d6-39a3c580a5a6
content-type
text/css
last-modified
Thu, 25 Jan 2024 21:54:01 GMT
vary
Accept-Encoding
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
x-evy-trace-served-by-pod
fra04/cms-cdn2-td/envoy-proxy-679f4d5df-rjzxc
x-envoy-upstream-service-time
113
cf-ray
8e0ec96e58190e11-MXP
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P7
x-hs-alternate-content-type
text/plain
server
cloudflare
x-amz-meta-created-unix-time-millis
1689781040788
x-amz-server-side-encryption
AES256

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xzrVNW4LdOtPjDTNpizLQu9oM27bgnRtjqewzUmbaE9luyFxFeO95K9M7mzlgVkwy7wzVrAxaZJVMEZuNOQLl8RRKB5ez0jNUMT62ia6hG3teVhk5R%2BZ%2Fxi7n2sxBUhVrro%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec96a68bd526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
Accept-Encoding
server
cloudflare
InfoSec_logo-1.svg
2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/Digital/IS/
Redirect Chain
  • https://cdn2.hubspot.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg
12 KB
5 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dcb2becdc61b6feb7282d4fdd332b7e13b15e61a8f1463e5ab68cac8b6ec636

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
content-encoding
br
cf-cache-status
HIT
etag
W/"3d64ea088be6866ff882905f401198fa"
age
881789
cache-tag
F-6998789575,FD-6788215824,P-2037604,FLS-ALL
x-amz-version-id
WRYy5IMtfahVG8UxjcDLU2YAoKZUnezn
access-control-allow-methods
GET
x-cache
RefreshHit from cloudfront
x-amz-cf-id
l9zlwGxu88hVROzzTjpxBEo32lSvXfLvwVyMLcZuiAwUcUIodG_eVQ==
date
Mon, 11 Nov 2024 13:56:38 GMT
content-type
image/svg+xml
last-modified
Thu, 25 Jan 2024 22:25:12 GMT
vary
Accept-Encoding
x-amz-id-2
brxLdb0E3G12CyCuV+Xne98neXTHXv44tkCfwRG/auBIquPhgDN1u15mZ9lC9FeHZVmPGAETwivp9bBwgnAE1w==
x-amz-replication-status
COMPLETED
edge-cache-tag
F-6998789575,FD-6788215824,P-2037604,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 3252b1165fb05fd246176fba3cd1b1a4.cloudfront.net (CloudFront)
cf-ray
8e0ec96e58200e11-MXP
x-amz-request-id
5V8C2CPFSDDPBVB0
access-control-allow-origin
*
x-amz-meta-cache-tag
F-6998789575,FD-6788215824,P-2037604,FLS-ALL
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/Digital/IS/InfoSec_logo-1.svg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pBIRS%2FkC22kRPBX8GerW1jUAe0fsee7Y%2FEx5AowfCav8UK5jphDYtqoPdwU170pBEzwzIb5h6%2Fp4kFqhBt2iJgZ8zq%2B82JqMgto6UWCUkq3a6AVbXxy%2FkWVKu2Crra5%2FZ%2F8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec96a68c1526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
Accept-Encoding
server
cloudflare
1693d999-d02f-419f-bfb0-6ce57d598953.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
897 B
1 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/1693d999-d02f-419f-bfb0-6ce57d598953.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f8798f7b524cdd6e929a20e928ef1fb0240b4fbbaf5dfc56a31f32d06464ef4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
Extc7mRsZpd7VVQT7TNW7wZU4uzJ5ten4EIDGE59bgkCginnVcKSFJGFG0k7YNNHMVZt6/uZTSY=
Cache-Control
no-cache, no-store
ETag
"e6d2aeebce66e48bd8a7c0d704fc3205"
x-amz-version-id
W75E1YQo3ri_SzJQVEa.oO2D0lRyhzMq
x-amz-request-id
ZNP9EHME90WX8CS4
Accept-Ranges
bytes
Content-Length
897
Date
Mon, 11 Nov 2024 13:56:38 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:09 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
current.js
www.itsec.ru/hs/cta/cta/
19 KB
8 KB
Script
General
Full URL
https://www.itsec.ru/hs/cta/cta/current.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
e4595ca6-696a-4d6d-b669-e6f4d3c0d530
content-encoding
br
cf-cache-status
HIT
etag
W/"49dc870f22dc7e8bef174360be6097bc"
age
120
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-amz-version-id
W9oj2sVh6Qn00LXbZPOqsSo8Yj5Mq5qt
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
DgiEHfnZ_MPXhJDYqtIXwUxyE-J3VN3ly9jZwcCLka3eYVtN6dU9HA==
x-hubspot-correlation-id
e4595ca6-696a-4d6d-b669-e6f4d3c0d530
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 11:44:56 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-2zl96
x-envoy-upstream-service-time
0
x-hs-target-asset
cta-embed-js/static-1.323/bundles/current.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.323/bundles/current.js&cfRay=8deabe8521c4d39d-FRA
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-ray
8e0ec96998324c48-MXP
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P2
45d90f48-7344-4e0d-a231-c951317dc6a7.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
2 KB
2 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/45d90f48-7344-4e0d-a231-c951317dc6a7.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
a796e6759ebc8937a015fc0afaed2608ac4d676adcea00322e03c035d765cc64

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
/o6AzBkoZYO11uEW8ykcvA5bh2hMSlJ0seEureEwiGhhVmTnqr6K6vJH4cpvNH72CT/eMNM9FGE=
Cache-Control
no-cache, no-store
ETag
"32bbdb5b02a1bf71dd732bec01a02765"
x-amz-version-id
6mMLI0QIsMWo0EzpPtzHizqACuXeSupC
x-amz-request-id
YBP1QFE05EZ2RM8X
Accept-Ranges
bytes
Content-Length
1680
Date
Mon, 11 Nov 2024 13:56:39 GMT
Last-Modified
Wed, 30 Oct 2024 09:30:07 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
InfSec_without_fonts.jpg
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/Digital/IS/
Redirect Chain
  • https://cdn2.hubspot.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg
7 KB
8 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0521b1c1e29ecd693b29dd96da1d2fff7242c769d2275645542c869d7f3be21
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
HIT
etag
"cf39dIs1AbSFA-BUszEtRukg-hNjynPdEoBgWp1wihDQ:d5dad06b7883e5db85669851ef40122b"
cache-tag
F-6790750124,FD-6788215824,P-2037604,FLS-ALL
cf-resized
internal=ok/h q=0 n=15+3 c=0+3 v=2024.10.6 l=7396 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 13:56:38 GMT
content-type
image/webp
last-modified
Thu, 25 Jan 2024 22:00:32 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
cf-ray
8e0ec96e58210e11-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
7396
server
cloudflare

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/Digital/IS/InfSec_without_fonts.jpg?width=490&height=62&name=InfSec_without_fonts.jpg
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aTReRmITNsjsyIhh60EUgevT2HCEUq5Q05M%2FdpP4bODks8EEfUujW9tpBe003zRmmSEC2YFluMhf0rhWjhWhWwjx55XiU1mGWBTNObk2p1cPFFuazh6oe35%2BHAIi6sph%2BlI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec96ae969526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
Accept-Encoding
server
cloudflare
8af81c11-2396-4bf7-ae21-cc7da1369356.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
897 B
1 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/8af81c11-2396-4bf7-ae21-cc7da1369356.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f8798f7b524cdd6e929a20e928ef1fb0240b4fbbaf5dfc56a31f32d06464ef4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
En91S7pQ4PaVBHDtrfQT2p59blOCe+xXmFvwhjEa0PKPyhDTRuwZ1uzCy5hykvcOdL4gWxNQtYo=
Cache-Control
no-cache, no-store
ETag
"e6d2aeebce66e48bd8a7c0d704fc3205"
x-amz-version-id
9y_LnYBWm69kyW2dRbIjbhMQiBAKJkIH
x-amz-request-id
G7EMTE11HB2XNAF6
Accept-Ranges
bytes
Content-Length
897
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:03 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
ca0ec86d-029f-4743-ae4b-fa8076656ff3.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
959 B
1 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/ca0ec86d-029f-4743-ae4b-fa8076656ff3.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ea7202867ab22bd0c6ba7df3783b566f6f429f174f673a6f46469228205d3d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
34EZK0Z4cTC/hI4QuFcoqwRzUywh9T4ArVkKtvWd9wVbiDtpNkQs2Nd4NH+ZMrckglL6lOsJUGY=
Cache-Control
no-cache, no-store
ETag
"a8dad819be94e338d7eac2f1f3fe7dd1"
x-amz-version-id
UoPVJ4hlOtB4glgeZrBqFymyRI2EPB2G
x-amz-request-id
G7EQ3CXNJM3YYPPN
Accept-Ranges
bytes
Content-Length
959
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:04 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
24d42685-c73d-44f9-a545-50c130655423.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
897 B
1 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/24d42685-c73d-44f9-a545-50c130655423.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f8798f7b524cdd6e929a20e928ef1fb0240b4fbbaf5dfc56a31f32d06464ef4a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
KRhrErxdKFUJs0S9zd9l0fUcA5OqjnuEURcPA+1/Dd0zyi+OcvuqN/kwSHtRnimJUBtnPRW0XbY=
Cache-Control
no-cache, no-store
ETag
"e6d2aeebce66e48bd8a7c0d704fc3205"
x-amz-version-id
w_BBc0VllyCFzGhllu8Nkozrn9ACjuSQ
x-amz-request-id
G7EHQG4RDYJJKQWE
Accept-Ranges
bytes
Content-Length
897
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:43:59 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
1b22075b-9a31-425e-99b6-54bc096713d0.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
959 B
1 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/1b22075b-9a31-425e-99b6-54bc096713d0.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
7ea7202867ab22bd0c6ba7df3783b566f6f429f174f673a6f46469228205d3d8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
7AkLwmLnrzVyPgEqIDp7RuUPPBBNatIPKlSlV23i9oiFRMA8MXo8aVKd2CL7T/Ev9yfB1LCw12E=
Cache-Control
no-cache, no-store
ETag
"a8dad819be94e338d7eac2f1f3fe7dd1"
x-amz-version-id
gzH.6GQdgh_BglEqfkVw24Uo4e6fwNo9
x-amz-request-id
G7EXY01CAVCVMMBK
Accept-Ranges
bytes
Content-Length
959
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:05 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
addthis_widget.js
s7.addthis.com/js/300/
0
0
Script
General
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.206.209.244 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-209-244.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Connection
keep-alive
Expires
Mon, 11 Nov 2024 13:56:39 GMT
Content-Length
27
Date
Mon, 11 Nov 2024 13:56:39 GMT
AK-GRN
0.c6d5ce17.1731333399.2f4049ac
Content-Type
text/html
efcac6b0-ac97-4906-992f-96f9fbfebdc3.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
3 KB
4 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/efcac6b0-ac97-4906-992f-96f9fbfebdc3.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6bb2c9db8e164d53dc5644662c30f6da14efb9cdebcc8116e53ba7b67b00cc49

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
YoWMR8LZkPb7EIWBoB+AWLxZejJX0q7gts+1FR/dnSJi2ftnimdnpHWhHLJ/TEsC1PSFdoXJvWE=
Cache-Control
no-cache, no-store
ETag
"773a0d65c9dfe2b4f475023e230e8bee"
x-amz-version-id
SGo_I5GxwMQA.PKcSGE3bf72MHxrCs0s
x-amz-request-id
G7ESR1YHX1AD1RBT
Accept-Ranges
bytes
Content-Length
3209
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:03 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
1dc07eb3-0613-40dc-9082-2beaec02e52f.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
2 KB
2 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/1dc07eb3-0613-40dc-9082-2beaec02e52f.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
bf987f8ffb8e6644e8c8eb6e0354728ccd992718edc7c6833778b48777f0ce12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
NVAQ4AQ2ayMQlvaig74fwIs9SjboiV1uzZHO5+EPB7bCcdZmg0MqmExDZnRok1Zs0+Nixlq6kwQ=
Cache-Control
no-cache, no-store
ETag
"b27b8f301022bf930d1f0d5b28bab8f8"
x-amz-version-id
Vr8vcEcKJ4EZD2Rjw5K1zJZ_wcdvXsjs
x-amz-request-id
G7EXFH1YXC4EMPWJ
Accept-Ranges
bytes
Content-Length
1985
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:13 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
8df04822-3674-4a3c-99e2-baf7ab9c8590.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
3 KB
4 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/8df04822-3674-4a3c-99e2-baf7ab9c8590.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
08121131779451c0131da527ed2779eecde1b22d3db8c920cdf4e591751251fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
pXXkd/QZqNZeamq0gMfQHF783TFFTFZB5RGR3IVk1T0hRA0YzKb00TYOnhk1HfBbNkUaHtS92nU=
Cache-Control
no-cache, no-store
ETag
"d93440544e33fc0cd7e3506ac9c0beca"
x-amz-version-id
DUmvxUNwZG5tzi_VLvt8_4_Kcg3XBR8J
x-amz-request-id
G7EJ2F98E25FK2GB
Accept-Ranges
bytes
Content-Length
3114
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Tue, 23 Jul 2024 11:54:08 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
40178650-0529-4d70-8b82-b647c1d9909b.png
hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/
2 KB
2 KB
Image
General
Full URL
https://hubspot-no-cache-eu1-prod.s3.amazonaws.com/cta/default/2037604/40178650-0529-4d70-8b82-b647c1d9909b.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , CHACHA20_POLY1305
Server
52.219.171.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-w.eu-central-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
90675f0655920afe31da3a8dcb05cb127bedb04bf47ed416e8d608784b8932a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-id-2
FQe5Skv0PD3RECZN/3xfPZdI11ZxkS7USvnKismHyfO7GNTn7N/n/DJvzR/NTpqiDKyAgYfpvXA=
Cache-Control
no-cache, no-store
ETag
"2acb150e5bcb23f5eb9784f41f31a978"
x-amz-version-id
2eEE4JDBmqWP7._0EfKKl3Qrf2_mFTFH
x-amz-request-id
G7ENA5RC32RSQCX8
Accept-Ranges
bytes
Content-Length
1941
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Thu, 25 Jan 2024 20:44:10 GMT
Content-Type
image/png
Server
AmazonS3
x-amz-server-side-encryption
AES256
efcac6b0-ac97-4906-992f-96f9fbfebdc3.png
no-cache.hubspot.com/cta/default/2037604/
0
0

1dc07eb3-0613-40dc-9082-2beaec02e52f.png
no-cache.hubspot.com/cta/default/2037604/
0
0

cf2d2246-b1ea-4037-9527-5b8285104d69.png
no-cache.hubspot.com/cta/default/2037604/
0
0

zen-icon.png
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/
Redirect Chain
  • https://fs.hubspotusercontent00.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png
908 B
1 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08c1e64263d89e2fcb4bb979fe6b51ee3dfe4ae3315006ed34ca2ebb43869d2
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
HIT
etag
"cf6L158tdQ-0EmF8z3vfVXM2uYqBibKj50KeZkghQyDQ:724da075081b4e5efd8e7e39f5b45619"
cache-tag
F-38603830356,P-2037604,FLS-ALL
cf-resized
internal=ok/m q=0 n=71+1 c=0+1 v=2024.10.0 l=908 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
image/webp
last-modified
Thu, 25 Jan 2024 21:21:09 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront)
cf-ray
8e0ec977be980e11-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
908
server
cloudflare

Redirect headers

cf-ray
8e0ec976dd66bae7-MXP
access-control-allow-origin
*
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/zen-icon.png?width=40&height=40&name=zen-icon.png
content-length
0
date
Mon, 11 Nov 2024 13:56:40 GMT
vary
Accept-Encoding
server
cloudflare
music.png
www.itsec.ru/hs-fs/hubfs/%D0%B6%D0%98%D0%91/
1 KB
2 KB
Image
General
Full URL
https://www.itsec.ru/hs-fs/hubfs/%D0%B6%D0%98%D0%91/music.png?width=40&height=40&name=music.png
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0968e012a401f8d803f542b327db7d5b6b3c15ffd17e25518508fcf5b76ae557
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
HIT
etag
"cfNxGjcq48NYawPDxBG7vjoZL9qBibKj50KeZkghQyDQ:286daaa360ff7404cbc5ee226b2f2919"
cache-tag
F-95874266834,FD-5402251292,P-2037604,FLS-ALL
cf-resized
internal=ok/m q=0 n=107+1 c=0+1 v=2024.10.6 l=1030 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
image/webp
last-modified
Mon, 11 Mar 2024 10:42:11 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
d1osklryjqvqhj.cloudfront.net
via
1.1 7fb6a67b54f1292982508050e491d34c.cloudfront.net (CloudFront)
cf-ray
8e0ec9709a3c4c48-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
1030
server
cloudflare
script.js
direct.groteck.ru/pdn/
483 B
786 B
Script
General
Full URL
https://direct.groteck.ru/pdn/script.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
195.146.82.42 , Russian Federation, ASN8241 (RELLINE-AS, RU),
Reverse DNS
www.telenews.ru
Software
Apache/2.2.27 (CentOS) /
Resource Hash
d655dabe2eeec30d23863bc6739144a47e57e1cd72e6308687b0a1bcf2da442a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

ETag
"18082f3-1e3-5f63d6666bbc0"
Connection
close
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
483
Date
Mon, 11 Nov 2024 13:56:40 GMT
Last-Modified
Mon, 06 Mar 2023 16:00:55 GMT
Content-Type
application/x-javascript
Server
Apache/2.2.27 (CentOS)
act2.min.js
cdn2.hubspot.net/hubfs/273774/mp/act2/js/
252 KB
73 KB
Script
General
Full URL
https://cdn2.hubspot.net/hubfs/273774/mp/act2/js/act2.min.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169a3f2a726a4d03ddd1d47092ded2e17c0be86f2e6290dc84e2f109028268e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
content-encoding
br
cf-cache-status
HIT
etag
W/"363b08296ba43c766ada8316239266e1"
age
1966129
cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
x-amz-version-id
CSbiiVZPKihv3I7TouJHxUl68zQozZqY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aYxpdMEIm6sm%2F%2ByQKlB3hGEA7cUQj1okP4N1e23X6Fr1QR1b5M5LqC%2FrcJi4Qof22K0gRVmuhG5YZuGFC221L0K90zI2e4rjudGq7tQSvswZsy99c6ipTkxVliFvw9IzX%2BM%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
riJ2_WUKqOzapFLuiWCtcDsur9Bk2jrIvjl17cfnId-aHtUJwlqkRQ==
content-type
application/javascript
last-modified
Wed, 26 Aug 2020 16:06:13 GMT
x-amz-meta-index-tag
none
x-amz-replication-status
COMPLETED
edge-cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id
4TZGD3Y5VQ8CQ0SJ
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
date
Mon, 11 Nov 2024 13:56:39 GMT
vary
Accept-Encoding
x-amz-id-2
mPQoeLcw6yhKrcjZdFcp8619utGis+19VlYKv80xdV6MQ4y3/9wWB51NbZnZHAXpulFjMEFoqJQ=
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
cdn2.hubspot.net
via
1.1 93e8dd23d88af09ca92735030b465106.cloudfront.net (CloudFront)
cf-ray
8e0ec970a8bf526c-MXP
access-control-allow-origin
*
x-amz-cf-pop
IST50-P3
x-amz-meta-created-unix-time-millis
1516075539064
embed.js
static.hsappstatic.net/content-cwv-embed/static-1.1293/
13 KB
5 KB
Script
General
Full URL
https://static.hsappstatic.net/content-cwv-embed/static-1.1293/embed.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.172.91 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb5224674e43d02db0037517f4aa29ba5ce9ddd0672e513cc7289714ba657522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"f667e53d5752ee2e5759f3dfaf20d330"
x-amz-version-id
AFGFBaAC1397GFbOapH2DRIkjQ_NaZzY
age
219817
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=snwjl5PYq0WpQ2irhGfiOuQC7jI7kIf%2F%2B7HmaKwJgpQhAU3Xgq%2FwmspMpB2xG5EpGHm7MWNLyLcEPm6b%2B%2BLeq%2FNx%2Bryakku%2BfBjm%2FbMwEeCzM%2BVDW1oyhCGJNSnQ%2B%2F6uJRuJsJXh%2Fdg%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 11 Nov 2025 13:56:40 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Ou-sFMOKDY1ueRHDlKtx-6Q-4URhNnD4Vmd7fS0abhITOtlB3DZlIA==
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 19:59:06 GMT
vary
Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
via
1.1 1c3c1c03f4bbd4e68725363918cb3454.cloudfront.net (CloudFront)
cf-ray
8e0ec976ba0c4c4f-MXP
x-amz-cf-pop
FRA60-P6
server
cloudflare
x-amz-server-side-encryption
AES256
2037604.js
www.itsec.ru/hs/scriptloader/
2 KB
932 B
Script
General
Full URL
https://www.itsec.ru/hs/scriptloader/2037604.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8596409e60c4d10f083bd3d8d4f67957b0a313add58c37b7fefe041630a17ed0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

access-control-max-age
3600
content-encoding
gzip
cf-cache-status
HIT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:39 GMT
x-hubspot-correlation-id
de5ed6a7-8a54-414d-8145-a8d0456e4cd1
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:42:33 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
access-control-allow-credentials
true
cf-ray
8e0ec9709a424c48-MXP
accept-ranges
bytes
access-control-allow-origin
https://lib.itsec.ru
content-length
672
server
cloudflare
index.js
www.itsec.ru/hs/hsstatic/HubspotToolsMenu/static-1.354/js/
12 KB
5 KB
Script
General
Full URL
https://www.itsec.ru/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
42c7e51d284cd7256caf3bfebf641141876657ea0d6e5588ac7e69dce1e9cf7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"3ef0deda0631561665e95645daf500a2"
age
805960
x-amz-version-id
O3iI8Pl3bd7LIBbSsE98q3XHW8vfw5hp
expires
Tue, 11 Nov 2025 13:56:39 GMT
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
zpKoCi7FtxStMctg6wX4LYiA_Q0KqcPdzlaEQ_TLjdYJPIatB6VHFw==
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
application/javascript
last-modified
Wed, 21 Aug 2024 20:24:20 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 2fb3ffc33eb22f3ef34dcbe535744fea.cloudfront.net (CloudFront)
cf-ray
8e0ec970aa464c48-MXP
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
watch.js
mc.yandex.ru/metrika/
152 KB
54 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548daca63b0812df9494af000ccf7d4eec2728ef65cd94ae6a1aec0e89ef860a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"672b9036-d779"
expires
Mon, 11 Nov 2024 14:56:40 GMT
access-control-allow-origin
*
content-length
55161
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
fbevents.js
connect.facebook.net/en_US/
239 KB
63 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
6dba87f2bb4627686798df345a05d779c19b18fe0ab7366e2269786bc3251798
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jmgxxgLr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-jmgxxgLr' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=13, mss=1288, tbw=2904, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
bNaj4NbZ2RL8WOKOEJ01VaeIAeVEyCJZhd947vrrU9oPVhxLHvhMrgcFrltlIRcXra640GkRbF/PffnmC1kYgQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62105
x-xss-protection
0
origin-agent-cluster
?1
rtrg
vk.com/
49 B
719 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-224345-byty3
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx / KPHP/7.4.119336
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-frontend
front656402
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
strict-transport-security
max-age=15768000
cache-control
no-store
access-control-expose-headers
X-Frontend
content-encoding
gzip
x-trace-id
vrcHs5a-e3cr55BjzKQeJoIL-JFXtQ
server-timing
tid;desc="vrcHs5a-e3cr55BjzKQeJoIL-JFXtQ"
content-length
65
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
image/gif
x-powered-by
KPHP/7.4.119336
server
kittenx
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:300,500,700|Montserrat:300,500,700
Requested by
Host: 2037604.fs1.hubspotusercontent-eu1.net
URL: https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.170 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f170.1e100.net
Software
ESF /
Resource Hash
294d553c154e514c21f96bbd591e2b7f24259a1eb57151d14e3122df31f2999b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 13:56:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Mon, 11 Nov 2024 13:56:39 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/
30 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: 2037604.fs1.hubspotusercontent-eu1.net
URL: https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css

Response headers

cdn-status
200
content-encoding
br
cf-cache-status
HIT
etag
"269550530cc127b6aa5a35925a7de6ce"
age
458207
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:39 GMT
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cdn-cache
HIT
cdn-cachedat
10/17/2024 22:45:09
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e892c78fa29b11fad1bfd6202dd9f3be
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.04
cf-ray
8e0ec9734f860e07-MXP
access-control-allow-origin
*
cdn-edgestorageid
1078
server
cloudflare
cdn-requestcountrycode
DE
act2.updates.min.css
273774.fs1.hubspotusercontent-na1.net/hubfs/273774/mp/act2/css/
6 KB
2 KB
Stylesheet
General
Full URL
https://273774.fs1.hubspotusercontent-na1.net/hubfs/273774/mp/act2/css/act2.updates.min.css
Requested by
Host: 2037604.fs1.hubspotusercontent-eu1.net
URL: https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.146.132 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bf69d980b552a049ddb45e289113da7aeddd905f64c2222b2a5b217b168165bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"e906c006607d82956be933c3089c3487"
age
978598
cache-tag
F-5520011171,FD-5520013174,P-273774,FLS-ALL
x-amz-version-id
o0UzfNnXEerqT6vY1HP4CLr085O8AdfS
access-control-allow-methods
GET
x-cache
RefreshHit from cloudfront
x-amz-cf-id
7lSpEfCZfEXD-Nmayt4UjX-lyj9x7GTFag0M0TJwpymMh5paiURGCg==
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
text/css
last-modified
Mon, 03 Dec 2018 13:14:14 GMT
vary
Accept-Encoding
x-amz-id-2
dZc2ZIWaw4BoCZdLErzZTWJwDANnptNntLeUpjH6ofy4SDJs12dHYB6C6N46qadIRLh03e0i4k0=
edge-cache-tag
F-5520011171,FD-5520013174,P-273774,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
273774.fs1.hubspotusercontent-na1.net
via
1.1 5a9fdee27256334715c1d3434faee45e.cloudfront.net (CloudFront)
cf-ray
8e0ec970bddf0e43-MXP
x-amz-request-id
398YJ3AMYDMYYVPF
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
access-control-allow-origin
*
x-amz-meta-cache-tag
F-5520011171,FD-5520013174,P-273774,FLS-ALL
x-amz-cf-pop
MXP53-P2
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
current.js
www.itsec.ru/hs/cta/cta/
19 KB
0
Script
General
Full URL
https://www.itsec.ru/hs/cta/cta/current.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
19b8b7a969cd613a5f4af1598a649b33456bef5c22d09fe4a5c5459ab4fe50fb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
e4595ca6-696a-4d6d-b669-e6f4d3c0d530
content-encoding
br
cf-cache-status
HIT
etag
W/"49dc870f22dc7e8bef174360be6097bc"
age
120
cache-tag
staticjsapp-CtaEmbed-cloudflare-web-prod,staticjsapp-prod
x-amz-version-id
W9oj2sVh6Qn00LXbZPOqsSo8Yj5Mq5qt
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
DgiEHfnZ_MPXhJDYqtIXwUxyE-J3VN3ly9jZwcCLka3eYVtN6dU9HA==
x-hubspot-correlation-id
e4595ca6-696a-4d6d-b669-e6f4d3c0d530
content-type
application/javascript; charset=utf-8
last-modified
Thu, 10 Oct 2024 11:44:56 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-2zl96
x-envoy-upstream-service-time
0
x-hs-target-asset
cta-embed-js/static-1.323/bundles/current.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
x-hs-cache-status
HIT
date
Mon, 11 Nov 2024 13:56:38 GMT
vary
accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=cta-embed-js/static-1.323/bundles/current.js&cfRay=8deabe8521c4d39d-FRA
via
1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
cf-ray
8e0ec96998324c48-MXP
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P2
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v29/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,500,700|Montserrat:300,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
9a6dde39d72bcc6477eaf676d55fda00c5312bd7050d9e4f36e6dc7ca9b9e763
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://fonts.googleapis.com/

Response headers

age
409940
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 20:04:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 20:04:20 GMT
last-modified
Wed, 06 Nov 2024 17:30:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
23836
x-xss-protection
0
server
sffe
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:300,500,700|Montserrat:300,500,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f3.1e100.net
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://fonts.googleapis.com/

Response headers

age
413457
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 19:05:43 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 19:05:43 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
tag.js
mc.yandex.ru/metrika/
220 KB
76 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.250.251.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
d29de1609682964244bc8dc4064ca380ee33d2a5854f06cf4bc64763c2778c8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
content-encoding
br
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"672b9036-129f3"
expires
Mon, 11 Nov 2024 14:56:40 GMT
access-control-allow-origin
*
content-length
76275
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
application/javascript
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
bottom-shadow5.png
cdn2.hubspot.net/hub/273774/file-1281286278-png/mp/themes/Act-Theme/images/
487 B
1 KB
Image
General
Full URL
https://cdn2.hubspot.net/hub/273774/file-1281286278-png/mp/themes/Act-Theme/images/bottom-shadow5.png
Requested by
Host: 2037604.fs1.hubspotusercontent-eu1.net
URL: https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hub_generated/template_assets/6718423179/1689781039000/Coded_files/Custom/page/Act2/Act2_IS.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4959378bb5307475ed3f59d4243cae7175db8b29958386b869b6881776f9b920

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://2037604.fs1.hubspotusercontent-eu1.net/

Response headers

x-robots-tag
all
cf-cache-status
HIT
etag
"80515adb2b0b67cf2af4b65a34419acd"
age
766615
cache-tag
F-1281286278,FD-1146626711,P-273774,FLS-ALL
x-amz-version-id
0MBsVuTF6ssUsnlDy0FqeIVv.momltc1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lT2BfAXQ7fMIY39ObA%2F5BcnUd91xurgnNPn4l%2FS5x1Gncl%2FwMxVnNGuT0iS8WlI7KLHInFLEQ0JrGDeWBfZ1yzjSuJosFEpxhg5jc%2FdzCw6LpfoLF%2BVfL3%2BvqJOFVUoxZP0%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
SxRssI3wl8-m3mP6otNQtznlbb4CZh1Axgs99yYqDjeBv4-I9AWRCQ==
content-type
image/png
last-modified
Tue, 14 Feb 2023 19:50:55 GMT
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
edge-cache-tag
F-1281286278,FD-1146626711,P-273774,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id
6G5P4XF8DKVS1EDN
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
accept-ranges
bytes
x-amz-meta-cache-tag
F-1281286278,FD-1146626711,P-273774,FLS-ALL
content-length
487
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption
AES256
cf-bgj
imgq:85,h2pri
access-control-allow-methods
GET
x-amz-storage-class
INTELLIGENT_TIERING
cf-polished
origSize=1546, status=webp_bigger
date
Mon, 11 Nov 2024 13:56:39 GMT
vary
Accept-Encoding
x-amz-id-2
Qlzs4alO2Anp+gA8jSi8YdRzguc2aQoKKnNKWvM8EUkU2Z826DumtJJ89ixrZaHMz7Xrr1rXcHdIRxVHOVkS0ky0XseQ1Ds3
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
cdn2.hubspot.net
via
1.1 b8f7ec2a292687370773a41cd1bdc97a.cloudfront.net (CloudFront)
cf-ray
8e0ec9740dae526c-MXP
access-control-allow-origin
*
x-amz-cf-pop
MXP64-C2
x-amz-meta-created-unix-time-millis
1405780388233
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Response headers

cdn-status
200
cf-cache-status
HIT
etag
"af7ae505a9eed503f8b8e6982036873e"
age
98430
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
font/woff2
last-modified
Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat
10/27/2024 17:02:03
cdn-cache
HIT
cdn-requestpullcode
200
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-requestpullsuccess
True
timing-allow-origin
*
cdn-requesttime
0
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
e91811d8df519b1783833fdfad657249
cross-origin-resource-policy
cross-origin
cdn-pullzone
252412
cdn-proxyver
1.05
cf-ray
8e0ec976da4f4c57-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
77160
cdn-edgestorageid
752
server
cloudflare
cdn-requestcountrycode
US
itsec-cybersecurity-02-1.jpeg
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/
Redirect Chain
  • https://2037604.fs1.hubspotusercontent-na1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg
159 KB
160 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1fb1acc5b64bca72edb668e9e05a5713998b18faa3ce7c4e72547b9f15f0045
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
HIT
etag
"cfayCjeROLqTsSDmzoAnIkp7JKfkZlSNmY0t1NqvZgDQ:97c983330eebd157e89c19d4cf427c24"
cache-tag
F-85581420720,FD-4339519023,P-2037604,FLS-ALL
cf-resized
internal=ok/h q=0 n=42+148 c=41+107 v=2024.10.0 l=163200 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
image/webp
last-modified
Fri, 02 Feb 2024 18:50:19 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-ray
8e0ec974fadf0e11-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
163200
server
cloudflare

Redirect headers

cf-ray
8e0ec9748b860e43-MXP
access-control-allow-origin
*
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-02-1.jpeg?width=1076&name=itsec-cybersecurity-02-1.jpeg
content-length
0
date
Mon, 11 Nov 2024 13:56:39 GMT
vary
Accept-Encoding
server
cloudflare
hack27-Nov-11-2024-10-54-31-2860-AM.jpg
www.itsec.ru/hs-fs/hubfs/ISR/
14 KB
14 KB
Image
General
Full URL
https://www.itsec.ru/hs-fs/hubfs/ISR/hack27-Nov-11-2024-10-54-31-2860-AM.jpg?width=400&height=267&name=hack27-Nov-11-2024-10-54-31-2860-AM.jpg
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
db01e1527607dc08fd59d6e431a2383e9d757b91f54c8bae6b13ad0d43ec800d
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
MISS
etag
"cfx150OmPvvdUKfNh-VWxzPcyXSDnBXPLLMlSPhqSiDQ:a8f47f98a81d6ba3e4979e6d6307016c"
cache-tag
F-187279451366,FD-4168220528,P-2037604,FLS-ALL
cf-resized
internal=ok/m q=0 n=63+23 c=1+22 v=2024.10.6 l=14086 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
image/webp
last-modified
Mon, 11 Nov 2024 10:54:32 GMT
vary
Accept, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
d1osklryjqvqhj.cloudfront.net
via
1.1 d77cbef22fc8484811b8c9df43178dee.cloudfront.net (CloudFront)
cf-ray
8e0ec9744f8d4c48-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
14086
server
cloudflare
itsec-cybersecurity-01-1.jpeg
2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/
Redirect Chain
  • https://2037604.fs1.hubspotusercontent-na1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg
  • https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg
71 KB
71 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444e15d0c62dc22f23cf26bf94fc27fbd43c63b6a3d4303b193fe6dd9d438fd0
Security Headers
Name Value
Content-Security-Policy default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cf-cache-status
HIT
etag
"cfqh48DwuwZhShkw5FxTFaohfiBbnGvCIyUmYH_nW-DQ:2a7e435bc48d8ed9e4e012c47a1a3e43"
cache-tag
F-85490972732,FD-4339519023,P-2037604,FLS-ALL
cf-resized
internal=ok/h q=0 n=39+321 c=122+198 v=2024.10.0 l=72540 f=false
cf-bgj
imgq:86,h2pri
x-content-type-options
nosniff
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
image/webp
last-modified
Fri, 02 Feb 2024 18:51:00 GMT
vary
Accept, Accept-Encoding
content-security-policy
default-src 'none'; navigate-to 'none'; form-action 'none'
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 4a95385e61c9df8f5f8de6338a3fe59a.cloudfront.net (CloudFront)
cf-ray
8e0ec9754b590e11-MXP
accept-ranges
bytes
access-control-allow-origin
*
content-length
72540
server
cloudflare

Redirect headers

cf-ray
8e0ec9747b850e43-MXP
access-control-allow-origin
*
location
https://2037604.fs1.hubspotusercontent-eu1.net/hub/2037604/hubfs/AOIP/itsec-cybersecurity-01-1.jpeg?width=1436&name=itsec-cybersecurity-01-1.jpeg
content-length
0
date
Mon, 11 Nov 2024 13:56:39 GMT
vary
Accept-Encoding
server
cloudflare
openapi.c340c125c61ec5745ebb2a98626e46ab.js
vk.com/dist/public/api/
Redirect Chain
  • https://vk.com/js/api/openapi.js?168
  • https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
56 KB
17 KB
Script
General
Full URL
https://vk.com/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
87.240.137.164 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx /
Resource Hash
0794ec55ac26233eb8ceed5fc64073eea5d00df95da9cc31f18b578a64762782

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-frontend
front652638, front656402
cache-control
max-age=345600
access-control-expose-headers
X-Frontend
content-encoding
br
x-trace-id
VdrIACfiu2GCcwjag8XQW8GCe2PDtA
expires
Fri, 15 Nov 2024 13:56:40 GMT
server-timing
tid;desc="VdrIACfiu2GCcwjag8XQW8GCe2PDtA",front;dur=0.161
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
text/javascript; charset=utf-8
last-modified
Tue, 22 Oct 2024 03:04:00 GMT
server
kittenx
vary
Accept-Encoding, Available-Dictionary

Redirect headers

x-frontend
front656402
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
strict-transport-security
max-age=15768000
cache-control
no-store
location
/dist/public/api/openapi.c340c125c61ec5745ebb2a98626e46ab.js?168
content-encoding
gzip
access-control-expose-headers
X-Frontend
x-trace-id
_-7kr8isHLEQNmjxhu85H7y_0QmkiA
server-timing
tid;desc="_-7kr8isHLEQNmjxhu85H7y_0QmkiA",front;dur=0.296
content-length
20
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
text/html; charset=windows-1251
x-powered-by
KPHP/7.4.119336
server
kittenx
act2.min.js
cdn2.hubspot.net/hubfs/273774/mp/act2/js/
252 KB
1006 B
Other
General
Full URL
https://cdn2.hubspot.net/hubfs/273774/mp/act2/js/act2.min.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.91.62 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
169a3f2a726a4d03ddd1d47092ded2e17c0be86f2e6290dc84e2f109028268e2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
content-encoding
br
cf-cache-status
HIT
x-amz-version-id
CSbiiVZPKihv3I7TouJHxUl68zQozZqY
age
1966129
cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
etag
W/"363b08296ba43c766ada8316239266e1"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=G8fPHHQa%2BHuTWdU8xwZDGAMtxtjXwvzf15SihCSeZhAXZ4EhOhV0jIZM4UKFfOLT0grszWnYi%2FUW1W7XsLDAHjD2UsMkJNzVDAMuakDHmI%2BVxxk9WEDNtbzJXe2z2xHM24s%3D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
x-cache
Miss from cloudfront
x-amz-cf-id
riJ2_WUKqOzapFLuiWCtcDsur9Bk2jrIvjl17cfnId-aHtUJwlqkRQ==
last-modified
Wed, 26 Aug 2020 16:06:13 GMT
content-type
application/javascript
x-amz-meta-index-tag
none
x-amz-replication-status
COMPLETED
edge-cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id
4TZGD3Y5VQ8CQ0SJ
x-hs-cf-lambda-enforce
us-east-1.EnforceAclForReads 3
x-amz-meta-cache-tag
F-5519779200,FD-5519778856,P-273774,FLS-ALL
server
cloudflare
x-hs-cf-lambda
us-east-1.EnforceAclForReads 3
x-amz-server-side-encryption
AES256
access-control-allow-methods
GET
date
Mon, 11 Nov 2024 13:56:39 GMT
vary
Accept-Encoding
x-amz-id-2
mPQoeLcw6yhKrcjZdFcp8619utGis+19VlYKv80xdV6MQ4y3/9wWB51NbZnZHAXpulFjMEFoqJQ=
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
timing-allow-origin
cdn2.hubspot.net
via
1.1 93e8dd23d88af09ca92735030b465106.cloudfront.net (CloudFront)
cf-ray
8e0ec9748e5f526c-MXP
access-control-allow-origin
*
x-amz-cf-pop
IST50-P3
x-amz-meta-created-unix-time-millis
1516075539064
2037604.js
js-eu1.hs-analytics.net/analytics/1731332400000/
71 KB
25 KB
Script
General
Full URL
https://js-eu1.hs-analytics.net/analytics/1731332400000/2037604.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/scriptloader/2037604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86e34b695c557f3b3c305182fbd7d58acbbf698f73bf97e00286e665d356cd2e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-amz-server-side-encryption
AES256
x-request-id
da704ed9-2fc5-42e0-a41e-3a0f9cae03eb
content-encoding
gzip
cf-cache-status
HIT
etag
W/"caea13308953a84b7c80ea2a76272c2e"
expires
Mon, 11 Nov 2024 13:57:49 GMT
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
da704ed9-2fc5-42e0-a41e-3a0f9cae03eb
content-type
text/javascript
last-modified
Sun, 03 Nov 2024 20:06:02 GMT
vary
origin, Accept-Encoding
x-amz-id-2
biIPGRMTSihyBRk5FQPVxRERGdStMnmj9bej+3dEi3mxgxFCo9P9S5igoZHfvRwnvBOm0GaOg4o=
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-7c7578766c-qm2s5
x-envoy-upstream-service-time
65
access-control-allow-credentials
false
x-amz-request-id
BT4NPAAK0R0XJT5P
cf-ray
8e0ec976dbaf3756-MXP
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
leadflows.js
js-eu1.hsleadflows.net/
550 KB
92 KB
Script
General
Full URL
https://js-eu1.hsleadflows.net/leadflows.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/scriptloader/2037604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.239.55 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d44882ab82adeef2856a0d52fb54bb70e472be45d50aa3a16b4cb39223391a99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
e2f60e24-b6f7-4357-ac14-e42af1c88a69
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
1P48dmUoAxkQ57N6qBxgDzS3oBmZAXBF
etag
W/"ce26171eff05376a1b746efbb809f7f6"
cache-tag
staticjsapp-lead-flows-cloudflare-web-prod,staticjsapp-prod
x-content-type-options
nosniff
x-cache
Miss from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
3jd84iGgrPQj4q1aQjBEZrKFL_juLP1MQyKjk14Y5McIYvvHQa6z4Q==
x-hubspot-correlation-id
e2f60e24-b6f7-4357-ac14-e42af1c88a69
content-type
application/javascript; charset=utf-8
last-modified
Wed, 09 Oct 2024 10:17:06 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
s-maxage=86400, max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-2zl96
x-envoy-upstream-service-time
593
x-hs-target-asset
lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Mon, 11 Nov 2024 13:56:40 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=lead-flows-js/static-1.1724/bundle/main/lead-flows-release.js&cfRay=8e0acb351f5809b3-ARN
via
1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
cf-ray
8e0ec976efec5255-MXP
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P2
web-interactives-embed.js
js-eu1.hubspot.com/
83 KB
25 KB
Script
General
Full URL
https://js-eu1.hubspot.com/web-interactives-embed.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/scriptloader/2037604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb60114d01e18846fc0570ef5b0c637ff1cf5f96b3cea88dd7a7a56bc587d726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
76f88dc3-c05e-4211-a7d3-909948159ff5
content-encoding
gzip
cf-cache-status
HIT
x-amz-version-id
CxKDbkLWIG8oARp7ZgYVTZrOz3tr7GRC
etag
W/"83516cb36bba59046b931d3496c56b0c"
cache-tag
staticjsapp-web-interactives-embed-web-prod,staticjsapp-prod
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHscGfS7N8eFFz3CFZVH7qk82blMMoeF0pTiZH2Shhixscye41bs%2Fwdw05Gm%2Bn4l2nI7AhU8Ybrxh7FAKYtXTR6yc6Qslayn227BuEomn2S2hZqnlKCp9zR1yh1V22yD0ntAtg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-evy-trace-listener
listener_https
x-amz-cf-id
KI2x415emYQaQ_WZKzNmN0i1RsEV3cuofzl93Cc8bbEQGx1UvWOnMw==
x-hubspot-correlation-id
76f88dc3-c05e-4211-a7d3-909948159ff5
content-type
application/javascript; charset=utf-8
last-modified
Fri, 01 Nov 2024 15:51:22 UTC
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-8ns26
x-envoy-upstream-service-time
8
x-hs-target-asset
web-interactives-embed/static-2.1648/bundles/project.js
server
cloudflare
x-evy-trace-virtual-host
all
x-amz-server-side-encryption
AES256
access-control-max-age
3000
access-control-allow-methods
GET
x-hs-cache-status
MISS
date
Mon, 11 Nov 2024 13:56:40 GMT
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method,accept-encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=web-interactives-embed/static-2.1648/bundles/project.js&cfRay=8e05da99394e2e12-FRA
via
1.1 9015971351bc982a04ee209a022bb1f8.cloudfront.net (CloudFront)
cf-ray
8e0ec9784a4083b2-MXP
access-control-allow-origin
*
x-evy-trace-route-configuration
listener_https/all
x-amz-cf-pop
FRA56-P2
2037604.js
js-eu1.hs-banner.com/
64 KB
20 KB
Script
General
Full URL
https://js-eu1.hs-banner.com/2037604.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/scriptloader/2037604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c36e430705ffb6e710c558e6798de6e87eceef9afafcfbd85ba31d645ffa8eb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
access-control-max-age
604800
x-request-id
9d88ebe1-f2f1-4ea4-869b-c013e1a73ddf
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
content-encoding
gzip
cf-cache-status
HIT
etag
W/"91f07d5d62daa0a32475771367019c75"
x-amz-version-id
e0VAOQdwYjSg6B8o6yHVYAqQqovrCAqE
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
expires
Mon, 11 Nov 2024 13:58:27 GMT
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
9d88ebe1-f2f1-4ea4-869b-c013e1a73ddf
content-type
text/javascript; charset=UTF-8
last-modified
Wed, 23 Oct 2024 16:26:00 GMT
vary
origin, Accept-Encoding
x-amz-id-2
VfhxqdxERPzHzmT3IPAzKXXWtUGvA9Zoz9op6Zrx9YDllE3kJzQZo4dnVF/j8tzEd+KTRfIYJrBX4yPw5QovxQ==
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=300,public
timing-allow-origin
*
x-evy-trace-served-by-pod
fra04/analytics-js-proxy-td/envoy-proxy-d5c664b49-c9qx7
x-envoy-upstream-service-time
36
access-control-allow-credentials
true
x-amz-request-id
FWY36TQ2YPC4PE7V
cf-ray
8e0ec9785c2b4bdb-MXP
access-control-allow-origin
https://www.all-over-ip.ru
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-amz-server-side-encryption
AES256
conversations-embed.js
js-eu1.usemessages.com/
93 KB
26 KB
Script
General
Full URL
https://js-eu1.usemessages.com/conversations-embed.js
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/scriptloader/2037604.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
067c9537ec36da4afb93e9fec9bc7e656959b6623e9491f0092200db06657f1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-evy-trace-virtual-host
all
x-request-id
15645f6a-fb7b-4276-a992-72a7f2301351
content-encoding
gzip
cf-cache-status
HIT
etag
W/"437fb84b40fd41c605a366d14a984219"
x-amz-version-id
GnpHiVDEdERXJOUylwbQwpaNqjGhipG0
cache-tag
staticjsapp-conversations-embed-web-prod,staticjsapp-prod
age
543
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-hs-cache-status
MISS
x-amz-cf-id
t4sWV10VKALY7a702ni5jNBnZ7_SX8erFWsV2kSoHguX2vfJ-pdePQ==
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
15645f6a-fb7b-4276-a992-72a7f2301351
content-type
application/javascript; charset=utf-8
last-modified
Thu, 31 Oct 2024 16:46:07 UTC
vary
accept-encoding
x-evy-trace-listener
listener_https
x-amz-replication-status
COMPLETED
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=600
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-p7b5p
x-envoy-upstream-service-time
6
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-embed/static-1.18525/bundles/project.js&cfRay=8dc06d0f6fa3bc04-FRA
via
1.1 997d50190609a53c76124b45ad43b3ec.cloudfront.net (CloudFront)
cf-ray
8e0ec97a68920d6d-MXP
x-evy-trace-route-configuration
listener_https/all
x-hs-target-asset
conversations-embed/static-1.18525/bundles/project.js
x-amz-cf-pop
FRA60-P6
server
cloudflare
x-amz-server-side-encryption
AES256
js
www.googletagmanager.com/gtag/
358 KB
119 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7VCBG2SCQS&l=dataLayer&cx=c&gtm=457e4b70za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115765294-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ef69230a5691630a76604fedaef593e8a1719117980b7bf29b3ddebb7db8e38b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 11 Nov 2024 13:56:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
122070
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115765294-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
age
1591
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 15:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7VCBG2SCQS&gtm=45je4b70v9119679395za200&_p=1731333399108&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629&cid=1813968562.1731333400&ecid=1435931127&ul=it-it&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&ec_mode=a&_eu=EAAI&_s=1&sid=1731333400&sct=1&seg=0&dl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&dt=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=4369
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7VCBG2SCQS&l=dataLayer&cx=c&gtm=457e4b70za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.itsec.ru
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
552 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7VCBG2SCQS&cid=1813968562.1731333400&gtm=45je4b70v9119679395za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7VCBG2SCQS&l=dataLayer&cx=c&gtm=457e4b70za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.itsec.ru
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 03A1
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-7VCBG2SCQS&gacid=1813968562.1731333400&gtm=45je4b70v9119679395za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629&z=504995217
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7VCBG2SCQS&l=dataLayer&cx=c&gtm=457e4b70za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 11 Nov 2024 13:56:40 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
has-permission-json
app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/
0
744 B
XHR
General
Full URL
https://app-eu1.hubspot.com/content-tools-menu/api/v1/tools-menu/has-permission-json?portalId=2037604
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/hsstatic/HubspotToolsMenu/static-1.354/js/index.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-request-id
2cb111d9-e694-44f3-8153-beb4f262b6c0
cf-cache-status
DYNAMIC
x-hs-worker-debug-mode
false
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
access-control-allow-methods
GET
x-content-type-options
no-sniff
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
2cb111d9-e694-44f3-8153-beb4f262b6c0
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8e0ec97849e283be&resource=unknown"
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-kdllb
x-envoy-upstream-service-time
3
access-control-allow-credentials
true
cf-ray
8e0ec97849e283be-MXP
access-control-allow-origin
https://www.itsec.ru
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
ajax-loader.gif
www.itsec.ru/hs/hsstatic/slick/static-1.56/slick/
4 KB
4 KB
Image
General
Full URL
https://www.itsec.ru/hs/hsstatic/slick/static-1.56/slick/ajax-loader.gif
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/project.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/hs/hsstatic/slick/static-1.56/bundles/project.css

Response headers

cf-cache-status
HIT
etag
"c5cd7f5300576ab4c88202b42f6ded62"
age
464250
x-amz-version-id
.FKb7bZ44Qe5xodlzD539BPLAS_1Y2xj
expires
Tue, 11 Nov 2025 13:56:40 GMT
alt-svc
h3=":443"; ma=86400
x-cache
RefreshHit from cloudfront
x-amz-cf-id
vIu-9vOCiY9TbmsbFmrDjkA8UXA77QxtqLEQtQ1YqCsbZIHfZiP-8A==
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
image/gif
last-modified
Tue, 29 Sep 2020 17:48:04 GMT
vary
accept-encoding
strict-transport-security
max-age=31536000
x-amz-replication-status
COMPLETED
cache-control
public, max-age=31536000
via
1.1 3252b1165fb05fd246176fba3cd1b1a4.cloudfront.net (CloudFront)
cf-ray
8e0ec977ac9c4c48-MXP
accept-ranges
bytes
content-length
4178
x-amz-cf-pop
MXP53-P4
server
cloudflare
x-amz-server-side-encryption
AES256
public
api-eu1.hubapi.com/comments/v3/comments/thread/
75 B
629 B
Script
General
Full URL
https://api-eu1.hubapi.com/comments/v3/comments/thread/public?portalId=2037604&offset=0&limit=1000&contentId=187281761483&collectionId=6551927956&callback=jsonp_1731333400261_97900
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/comment_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.90.99 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
615bee72e20548bc94767e3de4af6419b4f94d0ff2d0b3a807421444dcd9ac07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KsHUcfkfp7xXxQPk41eeOzQCZUrDluC1zQqM8NflL2k5E8JwM3pDL6ymoX3YJqWdnNMqzunl7iGI28%2BiuTcaxyf1%2B5M9wfndv5bI4aNz41tDLbsG4Mdi96W9vbvxw9gljz9dzA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
false
x-content-type-options
nosniff
cf-ray
8e0ec97aefbbbb31-MXP
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
ab998706-882e-48dd-809d-c02f13935024
content-type
application/javascript; charset=utf-8
vary
origin
server
cloudflare
postlisting
www.itsec.ru/_hcms/
10 KB
3 KB
XHR
General
Full URL
https://www.itsec.ru/_hcms/postlisting?blogId=6551927956&maxLinks=10&listingType=recent&orderByViews=false&hs-expires=1762869397&hs-version=2&hs-signature=ABrwmkdLsssIPV5IwM8B3uWNHYJWIUw6dQ&currentUrl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
086fffacf41faf8806924066fb22c92c9c54be630aef15e24215e6134945f065
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
0b2e719d-496c-4a7a-8d83-127f7b0cf283
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
0b2e719d-496c-4a7a-8d83-127f7b0cf283
content-type
application/json;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:40 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/cms-td/envoy-proxy-6c8cd89f4f-5lt89
x-envoy-upstream-service-time
23
access-control-allow-credentials
false
cf-ray
8e0ec977bcb94c48-MXP
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
postlisting
www.itsec.ru/_hcms/
2 B
200 B
XHR
General
Full URL
https://www.itsec.ru/_hcms/postlisting?blogId=6461327942&maxLinks=10&listingType=popular_all_time&orderByViews=true&hs-expires=1762869397&hs-version=2&hs-signature=ABrwmkccIvMkgHX6N1wQrS_M8m6FKbzkAQ&currentUrl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/hsstatic/AsyncSupport/static-1.122/js/post_listing_asset.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
e3545926-d812-4587-8336-45c921f43227
cf-cache-status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
e3545926-d812-4587-8336-45c921f43227
content-type
application/json;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:40 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/cms-td/envoy-proxy-6c8cd89f4f-565q2
x-envoy-upstream-service-time
31
access-control-allow-credentials
false
cf-ray
8e0ec977bcbf4c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
2
server
cloudflare
x-evy-trace-virtual-host
all
cta-json
cta-eu1.hubspot.com/ctas/v2/public/cs/
Redirect Chain
  • https://cta-service-cms2.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-e...
  • https://cta-eu1.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-embed-js-s...
29 KB
6 KB
XHR
General
Full URL
https://cta-eu1.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-embed-js-static-1.323&rdy=1&cos=1&df=t&pg=1693d999-d02f-419f-bfb0-6ce57d598953&pg=45d90f48-7344-4e0d-a231-c951317dc6a7&pg=8af81c11-2396-4bf7-ae21-cc7da1369356&pg=ca0ec86d-029f-4743-ae4b-fa8076656ff3&pg=24d42685-c73d-44f9-a545-50c130655423&pg=1b22075b-9a31-425e-99b6-54bc096713d0&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=8df04822-3674-4a3c-99e2-baf7ab9c8590&pg=40178650-0529-4d70-8b82-b647c1d9909b&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=cf2d2246-b1ea-4037-9527-5b8285104d69
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
172.65.198.159 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f8d494f0000ee3afe0170b6a569016e38615f93e91953efbabd3e8735cc0200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
1316c0f3-a01a-488d-8558-a0c9617f3ef7
access-control-expose-headers
X-Origin-Hublet
content-encoding
gzip
cf-cache-status
DYNAMIC
x-origin-hublet
eu1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAnFBarw5Prlb0tE7ZSHS67pD2yYMMNgnJ0O78nj3l5kjhy7UQJE8MCFK5JkvkRPpmCxT2Psuevltxipfhy%2BzzixQEEFVGQeyZHrju%2BXEOAFP5UkeibkPiuZXsPMURyTECWd8pI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
1316c0f3-a01a-488d-8558-a0c9617f3ef7
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-hd88d
x-envoy-upstream-service-time
101
access-control-allow-credentials
true
cf-ray
8e0ec97a9a2f525b-MXP
access-control-allow-origin
null
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all

Redirect headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
285973ba-f936-4e20-8271-f705b8f7887d
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
DYNAMIC
x-origin-hublet
na1
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vefQLaNES%2FdE7JaFKh%2FEIdRHRGGBjcbcs9IGcghsiFaPwa3b4%2FZ9w5l%2BV7W%2F%2FLPW1Li9vzVR6hXPw699ww%2BfmmnIxyiU0YI8j0%2BQzAl8OhxkIjoEqKQ4YdzjC7uz7qvycisGDhBJolRqHHa6H9Q%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
OPTIONS, GET
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
285973ba-f936-4e20-8271-f705b8f7887d
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
location
https://cta-eu1.hubspot.com/ctas/v2/public/cs/cta-json?canon=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&pageId=187281761483&pid=2037604&sv=cta-embed-js-static-1.323&rdy=1&cos=1&df=t&pg=1693d999-d02f-419f-bfb0-6ce57d598953&pg=45d90f48-7344-4e0d-a231-c951317dc6a7&pg=8af81c11-2396-4bf7-ae21-cc7da1369356&pg=ca0ec86d-029f-4743-ae4b-fa8076656ff3&pg=24d42685-c73d-44f9-a545-50c130655423&pg=1b22075b-9a31-425e-99b6-54bc096713d0&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=8df04822-3674-4a3c-99e2-baf7ab9c8590&pg=40178650-0529-4d70-8b82-b647c1d9909b&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&pg=cf2d2246-b1ea-4037-9527-5b8285104d69
x-evy-trace-served-by-pod
iad02/star-hubspot-td/envoy-proxy-6c6b56f4b-fsknm
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time
4
access-control-allow-credentials
true
cf-ray
8e0ec9781d9d0dc6-MXP
access-control-allow-origin
https://www.itsec.ru
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
rtrg
vk.com/
49 B
517 B
Image
General
Full URL
https://vk.com/rtrg?p=VK-RTRG-868438-8y1w0&metatag_url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&metatag_title=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
87.240.137.164, Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
Reverse DNS
srv164-137-240-87.vk.com
Software
kittenx / KPHP/7.4.119336
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-frontend
front656402
reporting-endpoints
default="https://vk.com/browser_reports?dest=default_reports"
strict-transport-security
max-age=15768000
cache-control
no-store
access-control-expose-headers
X-Frontend
content-encoding
gzip
x-trace-id
BwUQAHWhVk7VNJT7Lu2oL8o3mcskMA
server-timing
tid;desc="BwUQAHWhVk7VNJT7Lu2oL8o3mcskMA",front;dur=0.478
content-length
65
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
image/gif
x-powered-by
KPHP/7.4.119336
server
kittenx
195116441089902
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/195116441089902?v=2.9.176&r=stable&domain=www.itsec.ru&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
4b37a0d07d5617c8a49fcbecaf0c15a62f2a4b04bdc642343fe8459d0c2462e3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-tmkhCNVM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-tmkhCNVM' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=69, mss=1288, tbw=67724, tp=-1, tpl=-1, uplat=152, ullat=0
pragma
public
x-fb-debug
qXJCje5hB61rVKLPHnR99vT9JDZXQzFgwdfljHYl+HgRDpXd1YwlzDfS6L0C2HCWXu1FyDYAXoByfp6vta1PrQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
sync_cookie_image_finish
mc.yandex.ru/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=10550.f1WFe9J5tIQ3L9fG5Vf0jRBEhJlhA6GAZeRNLpUad9t9v6QsDizXPghEr6dEcwjC.j7zyCc9vrfsvXYeeBuks2Yg7zyg%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=10550.le97joZwuZM9GRt2MqoW7NS1wwoS_tyL45CrCcRYZqeSGW4AvzjUN8jqeDHi4R6hPtjVfRurOs4OBFn97QEyZs6gfN4GRJ5H4JmRWZ13Yis6-ov5VT-aOhChnZ8YMCyqeWHECAV9-7...
  • https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.gXwwyR5KYFBgntY_WQvIWKqDmymO4CarFH_tzira5l8ds833wvZEtj5_NcB_TtRlEYC6Rk3yLZvdux6XE7D1xVdXOU6-SLqplrAa8a-g7fH8h...
43 B
731 B
Image
General
Full URL
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.gXwwyR5KYFBgntY_WQvIWKqDmymO4CarFH_tzira5l8ds833wvZEtj5_NcB_TtRlEYC6Rk3yLZvdux6XE7D1xVdXOU6-SLqplrAa8a-g7fH8hGDnV02en9zuf6IUn7ZZtRmzRApCd2GYyiJZoANZBj34AT9f11CmXlaw-rYFshdp4kTuulKIr2xnO3Qex6-YHoih4lRM1v2jFNuEEetx_g%2C%2C.kJT6vUU7O7o925aBl3Km6YNdfJU%2C
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
87.250.251.119, Russian Federation, ASN13238 (YANDEX, RU)
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
content-length
43
date
Mon, 11 Nov 2024 13:56:40 GMT
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000
location
https://mc.yandex.ru/sync_cookie_image_finish?redirect_domain=mc.yandex.com&token=10550.gXwwyR5KYFBgntY_WQvIWKqDmymO4CarFH_tzira5l8ds833wvZEtj5_NcB_TtRlEYC6Rk3yLZvdux6XE7D1xVdXOU6-SLqplrAa8a-g7fH8hGDnV02en9zuf6IUn7ZZtRmzRApCd2GYyiJZoANZBj34AT9f11CmXlaw-rYFshdp4kTuulKIr2xnO3Qex6-YHoih4lRM1v2jFNuEEetx_g%2C%2C.kJT6vUU7O7o925aBl3Km6YNdfJU%2C
date
Mon, 11 Nov 2024 13:56:40 GMT
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/
43 B
573 B
Image
General
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
87.250.251.119, Russian Federation, ASN13238 (YANDEX, RU)
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=3600
timing-allow-origin
*
etag
"672b9036-2b"
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Mon, 11 Nov 2024 14:56:40 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
43
date
Mon, 11 Nov 2024 13:56:40 GMT
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
content-type
image/gif
metrika_match.html
mc.yandex.com/metrika/ Frame 8252
0
0
Document
General
Full URL
https://mc.yandex.com/metrika/metrika_match.html
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
93.158.134.119, Russian Federation, ASN13238 (YANDEX, RU)
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
access-control-allow-origin
*
cache-control
max-age=3600
content-encoding
br
content-length
1446
content-type
text/html
date
Mon, 11 Nov 2024 13:56:41 GMT
etag
"672b9036-5a6"
expires
Mon, 11 Nov 2024 14:56:41 GMT
last-modified
Wed, 06 Nov 2024 15:50:14 GMT
strict-transport-security
max-age=31536000
timing-allow-origin
*
combinedConfigs
cta-eu1.hubspot.com/web-interactives/public/v1/embed/
95 B
1 KB
Fetch
General
Full URL
https://cta-eu1.hubspot.com/web-interactives/public/v1/embed/combinedConfigs?portalId=2037604&currentUrl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&contentId=187281761483
Requested by
Host: js-eu1.hubspot.com
URL: https://js-eu1.hubspot.com/web-interactives-embed.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
172.65.198.159, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
f212e942ac33fd93669f03a55e2c0192224cdb6870b376fac8d3c5255cd01225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
access-control-max-age
180
x-request-id
f2494412-6fd1-4584-9cd5-408e421b9f81
content-encoding
br
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=APW1n7zGr3s7XqcrE16LqcWjLc6CnZi2HAm7UvTUx%2Fob0Cgt6%2BOApoDDx%2FISUbEq9GK68fr5FYbDXefYi5mtQjPjWjhnIpRBubmANBw1PSvzOb5Rtkb4%2BnFtEIvil6AqL0ZVHYc%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
OPTIONS, GET
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
f2494412-6fd1-4584-9cd5-408e421b9f81
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-l2lvt
x-envoy-upstream-service-time
9
access-control-allow-credentials
true
cf-ray
8e0ec97aafe30e9d-MXP
access-control-allow-origin
https://www.itsec.ru
x-evy-trace-route-configuration
listener_https/all
server
cloudflare
x-evy-trace-virtual-host
all
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=195116441089902&ev=PageView&dl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&rl=&if=false&ts=1731333400567&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731333400566.330579514186110225&cs_est=true&ler=empty&cdl=API_unavailable&it=1731333400343&coo=false&rqm=GET
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1288, tbw=2932, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:40 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=195116441089902&ev=PageView&dl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&rl=&if=false&ts=1731333400567&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1731333400566.330579514186110225&cs_est=true&ler=empty&cdl=API_unavailable&it=1731333400343&coo=false&rqm=FGET
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US)
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7436020337730714707"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:41 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
NmJDF2VLWq6vvP4OHxs7PJuI/ZiRHOuRA0VwZrDI+aOGU/WC7XI6PNtbo982wiDS+28cfBi9ZYpSh2rEy2ObFA==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7436020337730714707", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=12, mss=1288, tbw=3250, tp=-1, tpl=-1, uplat=214, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
1
mc.yandex.com/watch/68360557/
Redirect Chain
  • https://mc.yandex.com/watch/68360557?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%3F...
  • https://mc.yandex.com/watch/68360557/1?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%...
704 B
909 B
Fetch
General
Full URL
https://mc.yandex.com/watch/68360557/1?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A423533612494%3Ahid%3A175009476%3Az%3A60%3Ai%3A20241111145640%3Aet%3A1731333400%3Ac%3A1%3Arn%3A910004072%3Arqn%3A1%3Au%3A1731333400997179714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3895%3Awv%3A2%3Ads%3A35%2C688%2C1075%2C118%2C0%2C0%2C%2C2038%2C71%2C%2C%2C%2C4414%3Aco%3A0%3Acpf%3A1%3Ans%3A1731333395777%3Agi%3AR0ExLjEuMTgxMzk2ODU2Mi4xNzMxMzMzNDAw%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731333401%3At%3A%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
H2
Server
87.250.251.119, Russian Federation, ASN13238 (YANDEX, RU)
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
1dcb245cbec995b243e178717c99a77faa28a60da0d4e81ea9e13fe7a0767bdd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Mon, 11-Nov-2024 13:56:40 GMT
access-control-allow-origin
https://www.itsec.ru
content-length
704
date
Mon, 11 Nov 2024 13:56:40 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 11-Nov-2024 13:56:40 GMT
content-type
application/json; charset=utf-8

Redirect headers

strict-transport-security
max-age=31536000
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
location
/watch/68360557/1?wmode=7&page-url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Akcy5clq5tslki0xlqges4dlki57%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ait-IT%3Av%3A1502%3Acn%3A1%3Adp%3A0%3Als%3A423533612494%3Ahid%3A175009476%3Az%3A60%3Ai%3A20241111145640%3Aet%3A1731333400%3Ac%3A1%3Arn%3A910004072%3Arqn%3A1%3Au%3A1731333400997179714%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Afp%3A3895%3Awv%3A2%3Ads%3A35%2C688%2C1075%2C118%2C0%2C0%2C%2C2038%2C71%2C%2C%2C%2C4414%3Aco%3A0%3Acpf%3A1%3Ans%3A1731333395777%3Agi%3AR0ExLjEuMTgxMzk2ODU2Mi4xNzMxMzMzNDAw%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1731333401%3At%3A%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29rcm%281%29cdl%28na%29eco%2842009088%29ti%281%29
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
pragma
no-cache
access-control-allow-credentials
true
expires
Mon, 11-Nov-2024 13:56:40 GMT
access-control-allow-origin
https://www.itsec.ru
date
Mon, 11 Nov 2024 13:56:40 GMT
x-xss-protection
1; mode=block
last-modified
Mon, 11-Nov-2024 13:56:40 GMT
widget
www.itsec.ru/_hcms/livechat/
3 KB
3 KB
XHR
General
Full URL
https://www.itsec.ru/_hcms/livechat/widget?portalId=2037604&conversations-embed=static-1.18525&mobile=false&messagesUtk=2105aeaa4c1343e793382bf633a7331a&traceId=2105aeaa4c1343e793382bf633a7331a
Requested by
Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
199.60.103.226, United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
Reverse DNS
Software
cloudflare /
Resource Hash
a3773e615322877a166ea02d32faf80eed86b10a8125e072545ffdc1a165a43f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-HubSpot-Messages-Uri
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-content-type-options
nosniff
cf-ray
8e0ec97b39cc4c48-MXP
alt-svc
h3=":443"; ma=86400
date
Mon, 11 Nov 2024 13:56:40 GMT
x-hubspot-correlation-id
152de4e3-f3b1-4289-a1b6-ce1010f993c0
content-type
application/json;charset=utf-8
vary
origin, Accept-Encoding
server
cloudflare
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
counters.gif
perf-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=config-loaded-success&value=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
9b738362-558f-4778-9b0d-b8b21028607e
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
9b738362-558f-4778-9b0d-b8b21028607e
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Mon, 11 Nov 2024 13:56:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-l2lvt
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8e0ec97c3a714bed-MXP
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
collect
www.google-analytics.com/j/
1 B
417 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2116424658&t=pageview&_s=1&dl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&ul=it-it&de=UTF-8&dt=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82%20Androxgh0st%20%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE%20%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F%20%D0%BD%D0%B0%20%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B%20%D0%B8%C2%A0%20%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0%20%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=121272191&gjid=1487028035&cid=1813968562.1731333400&tid=UA-115765294-3&_gid=1214114054.1731333401&_r=1&gtm=457e4b70za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629&jsscut=1&z=1951159652
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 13:56:40 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.itsec.ru
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
1
server
Golfe2
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
537 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=40178650-0529-4d70-8b82-b647c1d9909b&lt=1731333399656&dt=1731333399656&at=1731333400916&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
ecf6dbfa-0818-484f-8394-3d11a835dfcc
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
ecf6dbfa-0818-484f-8394-3d11a835dfcc
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kh927
cf-ray
8e0ec97bcad04c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
364 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=1dc07eb3-0613-40dc-9082-2beaec02e52f&lt=1731333399656&dt=1731333399725&at=1731333400917&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
2688c357-bbe7-4c52-a97f-48b12e3bb9bd
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
2688c357-bbe7-4c52-a97f-48b12e3bb9bd
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
2
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kzwl4
cf-ray
8e0ec97bcad34c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
505 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=cf2d2246-b1ea-4037-9527-5b8285104d69&lt=1731333399725&dt=1731333399725&at=1731333400918&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
4e173753-73f9-459a-8d08-dca9112199cb
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
4e173753-73f9-459a-8d08-dca9112199cb
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
4
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-qjh4c
cf-ray
8e0ec97bcad54c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
362 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&lt=1731333399656&dt=1731333399725&at=1731333400918&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
9d67a747-0f5c-4fd5-b597-b27e32e2bc87
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
9d67a747-0f5c-4fd5-b597-b27e32e2bc87
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kh927
cf-ray
8e0ec97bcad84c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
361 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=efcac6b0-ac97-4906-992f-96f9fbfebdc3&lt=1731333399656&dt=1731333399725&at=1731333400919&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
9b60bfa9-a238-4b5d-abe6-17a03d2cded5
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
9b60bfa9-a238-4b5d-abe6-17a03d2cded5
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
4
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-5pkvh
cf-ray
8e0ec97bcad94c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
554 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=8df04822-3674-4a3c-99e2-baf7ab9c8590&lt=1731333399656&dt=1731333399656&at=1731333400920&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
b907179d-75b0-4366-bc66-078b098a9772
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
b907179d-75b0-4366-bc66-078b098a9772
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
4
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-5pkvh
cf-ray
8e0ec97bdadb4c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
369 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=24d42685-c73d-44f9-a545-50c130655423&lt=1731333399654&dt=1731333399654&at=1731333400920&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
0fea0a4d-2779-45d5-a158-0d5016497c25
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
0fea0a4d-2779-45d5-a158-0d5016497c25
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kzwl4
cf-ray
8e0ec97beb014c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
384 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=1b22075b-9a31-425e-99b6-54bc096713d0&lt=1731333399654&dt=1731333399654&at=1731333400921&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
5a75a284-8415-4c6e-9a44-31356540edcc
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
5a75a284-8415-4c6e-9a44-31356540edcc
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-t6j4t
cf-ray
8e0ec97beb024c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
331 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=ca0ec86d-029f-4743-ae4b-fa8076656ff3&lt=1731333399653&dt=1731333399653&at=1731333400921&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
0cf2b63b-5bce-4a81-8cad-5242d1e489c7
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
0cf2b63b-5bce-4a81-8cad-5242d1e489c7
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-qjh4c
cf-ray
8e0ec97beb034c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
517 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=45d90f48-7344-4e0d-a231-c951317dc6a7&lt=1731333399642&dt=1731333399642&at=1731333400922&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
232f8c1e-6d8b-4838-9024-9fa996930703
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
232f8c1e-6d8b-4838-9024-9fa996930703
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
3
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kzwl4
cf-ray
8e0ec97beb054c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
343 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=8af81c11-2396-4bf7-ae21-cc7da1369356&lt=1731333399653&dt=1731333399653&at=1731333400922&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
78b82150-d66e-44bd-b031-bc2d23bd9fb9
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
78b82150-d66e-44bd-b031-bc2d23bd9fb9
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
4
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kzwl4
cf-ray
8e0ec97beb0b4c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
cta-loaded.js
www.itsec.ru/hs/cta/ctas/v2/public/cs/
0
508 B
Script
General
Full URL
https://www.itsec.ru/hs/cta/ctas/v2/public/cs/cta-loaded.js?pid=2037604&pg=1693d999-d02f-419f-bfb0-6ce57d598953&lt=1731333399627&dt=1731333399628&at=1731333400923&ae=1&an=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/hs/cta/cta/current.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.60.103.226 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
noindex, follow
x-request-id
2ecddcfe-1228-4b3b-a52b-c9e7663d2fc1
access-control-expose-headers
X-Origin-Hublet
cf-cache-status
MISS
x-origin-hublet
eu1
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
2ecddcfe-1228-4b3b-a52b-c9e7663d2fc1
content-type
application/javascript;charset=utf-8
last-modified
Mon, 11 Nov 2024 13:56:41 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000
content-security-policy
upgrade-insecure-requests
cache-control
max-age=0, no-cache, no-store
x-evy-trace-route-service-name
envoyset-translator
x-envoy-upstream-service-time
4
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-nmp47
cf-ray
8e0ec97beb0e4c48-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
0
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
perf-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=cta-json-success&value=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
822dc96c-cf93-48c3-a615-2641263db476
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
822dc96c-cf93-48c3-a615-2641263db476
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Mon, 11 Nov 2024 13:56:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-nmp47
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8e0ec97c8955526c-MXP
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
perf-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=cta-render-success&value=1
Requested by
Host: www.itsec.ru
URL: https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
2860dd12-3012-444a-b4cd-47bcf482050f
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 11 Nov 2024 13:56:41 GMT
x-hubspot-correlation-id
2860dd12-3012-444a-b4cd-47bcf482050f
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Mon, 11 Nov 2024 13:56:41 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-hd88d
x-envoy-upstream-service-time
3
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8e0ec97cedc90e77-MXP
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
2105aeaa4c1343e793382bf633a7331a
app-eu1.hubspot.com/conversations-visitor/2037604/threads/utk/ Frame F87A
0
0
Document
General
Full URL
https://app-eu1.hubspot.com/conversations-visitor/2037604/threads/utk/2105aeaa4c1343e793382bf633a7331a?uuid=1f4ccd1d1e8444f298e1e44c82d43dbe&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=&domain=itsec.ru&inApp53=false&messagesUtk=2105aeaa4c1343e793382bf633a7331a&url=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&inline=false&isFullscreen=false&globalCookieOptOut=&isFirstVisitorSession=true&isAttachmentDisabled=false&isInitialInputFocusDisabled=false&enableWidgetCookieBanner=false&isInCMS=true&hideScrollToButton=true&isIOSMobile=false
Requested by
Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options no-sniff

Request headers

Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
false
age
2425
cache-control
max-age=600
cache-tag
staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status
DYNAMIC
cf-ray
8e0ec97d495f5234-MXP
content-encoding
gzip
content-security-policy-report-only
script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com www.recaptcha.net *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://send.hsbrowserreports.com/csp/report?resource=conversations-visitor-ui/static-1.20974/html/index.html&cfRay=8e0ec97d495f5234&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F2037604%2Fthreads%2Futk%2F2105aeaa4c1343e793382bf633a7331a%3Fuuid%3D1f4ccd1d1e8444f298e1e44c82d43dbe%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3D%26domain%3Ditsec.ru%26inApp53%3Dfalse%26messagesUtk%3D2105aeaa4c1343e793382bf633a7331a%26url%3Dhttps%253A%252F%252Fwww.itsec.ru%252Fnews%252Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%253Fhss_channel%253Dtw-293529696%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3D%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26isInitialInputFocusDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dtrue%26hideScrollToButton%3Dtrue%26isIOSMobile%3Dfalse&referrer=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&cfenv=prod&pdt=2024-11-11&csp=ro
content-type
text/html; charset=utf-8
date
Mon, 11 Nov 2024 13:56:41 GMT
etag
W/"5fa022b2c29e8bcc1ea27ac629fc54d3"
last-modified
Thu, 31 Oct 2024 16:46:07 UTC
report-to
{"group":"default","max_age":86400,"endpoints":[{"url":"https://send.hsbrowserreports.com/csp/reports"}]}
reporting-endpoints
default="https://send.hsbrowserreports.com/csp/reports?cfRay=8e0ec97d495f5234&resource=conversations-visitor-ui/static-1.20974/html/index.html"
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
origin, Accept-Encoding
via
1.1 d72cc6b7011ac53cd6e4d65e0d9f5ac4.cloudfront.net (CloudFront)
x-amz-cf-id
6gPxe1lZygsW6xxEOhDfXlfPUF9uC_0Oy5PSa__PVwdFKNvX832jaw==
x-amz-cf-pop
FRA60-P6
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
XJshzHOGjIvlxi1TWvzBXmGPZIuGBiPP
x-cache
Hit from cloudfront
x-content-type-options
no-sniff
x-envoy-upstream-service-time
3
x-evy-trace-listener
listener_https
x-evy-trace-route-configuration
listener_https/all
x-evy-trace-route-service-name
envoyset-translator
x-evy-trace-served-by-pod
fra04/app-td/envoy-proxy-96ff69c4c-kdllb
x-evy-trace-virtual-host
all
x-hs-cache-status
MISS
x-hs-target-asset
conversations-visitor-ui/static-1.20974/html/index.html
x-hs-worker-debug-mode
false
x-hubspot-correlation-id
3cd8e931-5c9e-424b-8d06-784382b02944
x-request-id
3cd8e931-5c9e-424b-8d06-784382b02944
__ptq.gif
track-eu1.hubspot.com/
45 B
435 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402059&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
c1236b47-e4d7-47af-9578-1bfa7a54dc93
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hXEOA2izPSBoCghtxQjPjgMIgwFhK2yiIgnxnEdl3Dz%2BqOH7d7igW2Pym3eN9Q5kUdW5xB3A6zwaJ%2BpjsTjkYRHfZveaAFLTROavAZbJej6BIFqWhq0XFJIIc2INiTnOKAZht4XmLg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
c1236b47-e4d7-47af-9578-1bfa7a54dc93
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-qr6z7
x-envoy-upstream-service-time
5
access-control-allow-credentials
false
cf-ray
8e0ec983db495244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
counters.gif
perf-eu1.hsforms.com/embed/v3/
35 B
1 KB
Image
General
Full URL
https://perf-eu1.hsforms.com/embed/v3/counters.gif?key=cta-with-analytics&value=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.65.232.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
ddf4632f-b5a1-48ff-9bf4-d6662c7ee3f3
access-control-expose-headers
X-Origin-Hublet
CF-Cache-Status
MISS
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=86400
x-evy-trace-listener
listener_https
Date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
ddf4632f-b5a1-48ff-9bf4-d6662c7ee3f3
Content-Type
image/gif
vary
origin, Accept-Encoding
Last-Modified
Mon, 11 Nov 2024 13:56:42 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
Cache-Control
max-age=0, no-cache, no-store
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-jplsk
x-envoy-upstream-service-time
2
Connection
keep-alive
access-control-allow-credentials
false
CF-RAY
8e0ec9831ffc0e77-MXP
Accept-Ranges
bytes
x-evy-trace-route-configuration
listener_https/all
Content-Length
35
Server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
430 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%2240178650-0529-4d70-8b82-b647c1d9909b%22%2C%22482e02fe-a471-4860-b709-074fb5917d44%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402069&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
c0088aca-0611-4618-9e26-69fa7653fb77
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taWZ7qsEJNhlV6W0R5pN0g2NYfZhuLQ7UPqC1RI21OJl4V4CBzvIbx4JjdW3loj8MFDzTisHDF8gac5ANDmFuSg4JSooNw8qiuzIujvO2WJYbXskrxvA7Nwd1YeW%2FRMSRrlWtO7tBw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
c0088aca-0611-4618-9e26-69fa7653fb77
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-xv4nr
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9840b735244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
877 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%221dc07eb3-0613-40dc-9082-2beaec02e52f%22%2C%2257c01871-b64a-4c90-8505-8519fa42b6ce%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402069&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
ab2a5ce6-53e1-4603-9475-4cb49c2a9505
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=r6XTuOUcUWE5gxrvqmHbm2R3V380mCg8B0IGRlU%2FUWCAdWJwytvWmJURUFTW%2BkJ6RPYdr95cDTWUxAoa0CX1GT%2BrfCKu%2Fs0RonIcMAkySJLaqkke8rmxAcbYgvHVKtQlkeK3fMZg9A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
ab2a5ce6-53e1-4603-9475-4cb49c2a9505
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-fkkng
x-envoy-upstream-service-time
6
access-control-allow-credentials
false
cf-ray
8e0ec9840b705244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
438 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%22cf2d2246-b1ea-4037-9527-5b8285104d69%22%2C%22a68e27f8-2fad-4d82-9be7-6cd6f5cc047b%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402070&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
d9a13203-a8dc-41f9-a7bb-80d3e81e99f9
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xHC1POhauhm4wiasLm%2BK7f74qQomfzrbzMLO%2BvJhEay0edvnwpU0QDZtZyeeK40XOTZf0OafDX8uNU%2FLkk0Ko%2BpdqPfKro3Njel9o23t530l26haZIrAehJPCx4Hi%2B%2F5TxVIQqa7ag%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
d9a13203-a8dc-41f9-a7bb-80d3e81e99f9
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-xbtsh
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec983eb5f5244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
953 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%22efcac6b0-ac97-4906-992f-96f9fbfebdc3%22%2C%22785e4321-397b-447f-b18a-95597b22bb15%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402070&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
4ab360e5-6c73-4bac-8ad8-eb34c6f4d291
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=needcLcWzEhsw2tX7SijIx8Tkm2gqayRpzfAeDSaE011p3J%2BZTdm33lhvHI3ickpOhzBI54FdBRVaVXXSOMJXhmbQvbGuN95nYHl4YK26unSj7dvt9EYrYXDuZIKWdwdfopoA7zvCA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
4ab360e5-6c73-4bac-8ad8-eb34c6f4d291
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-n7gtf
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8e0ec983eb5d5244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
433 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%228df04822-3674-4a3c-99e2-baf7ab9c8590%22%2C%22ee5afb7f-f89d-4c60-a01a-fcdd5886d990%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402070&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
d2ee009e-2d59-4d96-a883-48cd62bb7ee3
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z62I3O4px3OGHjU%2FmUPrD0ted0X0XkECN7aEIStBNuD0z5WwEBg1%2FJ2bdAqohNEgIfKLA5O4c7LK4qoXM4ReBxgQh8Y%2Ft2HpK%2BAMWP4QKmiS7beGwQd2yk0lZnbhgm1eSrzWjt0U9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
d2ee009e-2d59-4d96-a883-48cd62bb7ee3
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-dg4sc
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8e0ec983eb625244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
745 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%2224d42685-c73d-44f9-a545-50c130655423%22%2C%2284b67f6f-9f09-4068-9df4-b20f18845c05%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402070&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
04e9a992-3015-4466-8981-e3d26996b524
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qeksKPpcTuHdlX%2FKL2%2FphtY8sqomcjFsa1BOzETku7l7Q2B1qJ3OWmkWUZViifh4boFvv910ommAGN%2FKElbD6xCM7A7NC313Iun8ty%2FOSDONQ%2BQnHfx43hrPzaE%2BFv39SBQbOzic%2Bw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
04e9a992-3015-4466-8981-e3d26996b524
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-zvr2t
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9847c4d5244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
745 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%221b22075b-9a31-425e-99b6-54bc096713d0%22%2C%22b94abbf7-4171-46f2-9d07-8ed5869707f5%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402071&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
0fa5aced-2581-498e-a985-9ec17c2762b1
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZ0QtJkscMxAKMgBTC19LJ1EnojAA7e9xDaFVODcOCMyI00pPbUtLAjYZbmo4QB3BnP4RTim9UWKJKmgxT5ZN8QiQsOhNaViocZ%2BDvDHszqD4Zbz%2FkvAiz4aDtjjeUMJ9G7M2LnL1w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
0fa5aced-2581-498e-a985-9ec17c2762b1
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-9z94t
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9847c4f5244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
752 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%22ca0ec86d-029f-4743-ae4b-fa8076656ff3%22%2C%22a0f5b554-df6e-4f13-8dd1-c9aae675af5d%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402071&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
b229f168-2128-426d-a5d8-df08ded2db49
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1QioO0VE%2FE%2FGw5Sq9dO2vr%2FdUhjgBVNMxHjsKGHYKprpZckUEUza%2FfemTdDwIkOG%2BWpSBtpl3dASFtlWq1TLGben%2F%2F3G932i8VgM1UNiff7mlGWb%2BmiSzKifPmvCFrMZjxxGU3axOg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
b229f168-2128-426d-a5d8-df08ded2db49
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-xbtsh
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9847c505244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
744 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%2245d90f48-7344-4e0d-a231-c951317dc6a7%22%2C%2266109ab1-e294-4414-bdfa-96ad42a71669%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402071&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
ac8c6e9a-f97b-4c1a-8f08-4e0159f010a9
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7a62YpWZkcqMSH2DO6ek6sk3oLXKJSETTQJERrexJuSYQvZUnXfBJXGGvWzgDi%2BjM7ClZTgCjGvQQQ56xA1qaBtM42oLXlnXIWmCFbIr4MsqXWtF0G%2FMRPcrb0NM7367iWPj41k6DA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
ac8c6e9a-f97b-4c1a-8f08-4e0159f010a9
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-ttw27
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9847c515244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
1 KB
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%228af81c11-2396-4bf7-ae21-cc7da1369356%22%2C%22c80e615d-e08a-4bdb-b1a1-220766d0b859%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402071&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
9dabef1f-cbc6-4840-a1a8-8cccc02fee9e
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2jXNza3vKc3RJMa1bZ%2FtOERMe9ctJLYg%2F7kPpDAJCsspOGB8P%2BNt6XJaCNBrIhy2O7TPpq0JDG0vAecHGipuz2mdzwKPAgiI5jwvCRkkyOV39s7t%2FgT6%2BST7q4vkNzQ0WsoTdIcEJg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
9dabef1f-cbc6-4840-a1a8-8cccc02fee9e
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-txml2
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8e0ec9847c525244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
749 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=12&aij=%5B%221693d999-d02f-419f-bfb0-6ce57d598953%22%2C%220a4a9282-7763-4f1a-9ac5-7b9c55a42c48%22%5D&rfc=8&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402071&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
907f7b7b-21e3-42b1-bbfb-cfa80a051fed
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4512us1CFsN66fO8%2ByS1MiF0%2BVhUaddepPjiAu6OJVfsUS3Rna1ROwGUyLViWcxPFXK%2FNK3k9PLFaY8%2BVpbhsEoi9nlPKnkXLKBCGiFl467lVg29GOp%2F15m28NEeX2%2FhWut%2B4G6czQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
907f7b7b-21e3-42b1-bbfb-cfa80a051fed
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-khs6x
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9847c535244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
favicon-3.ico
2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/
Redirect Chain
  • https://cdn2.hubspot.net/hubfs/2037604/favicon-3.ico
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/favicon-3.ico
318 B
831 B
Other
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/favicon-3.ico
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58057864c334d485f8537c5f9965a92d6a6ada719612da5144ead26e5db241d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
content-encoding
br
cf-cache-status
HIT
etag
W/"1dc4ba8213850436ed27a138ae4643b1"
age
2494871
cache-tag
F-6779130686,P-2037604,FLS-ALL
x-amz-version-id
qV6aLG4nf7nD16gsP5fA6fTCzami5W.6
access-control-allow-methods
GET
x-cache
Miss from cloudfront
x-amz-cf-id
J1qzEVNSEcPqV31Z-IRPNj8nQ1zLGMVc_M-w85p8oMUb5m2dr6kj1Q==
date
Mon, 11 Nov 2024 13:56:42 GMT
content-type
image/vnd.microsoft.icon
last-modified
Thu, 25 Jan 2024 22:36:51 GMT
vary
Accept-Encoding
x-amz-id-2
6IBdw7G/OleGLlDAj0quio8z1L7zOBLj5MSkElIPaWKpixdCmyUaSCUIxRv2uspSHedwqGOn+OY=
x-amz-replication-status
COMPLETED
edge-cache-tag
F-6779130686,P-2037604,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 1a655751f71b674c9477e21af51008fc.cloudfront.net (CloudFront)
cf-ray
8e0ec983786a0e11-MXP
x-amz-request-id
2HAZ2FNDFVXSESXN
access-control-allow-origin
*
x-amz-meta-cache-tag
F-6779130686,P-2037604,FLS-ALL
x-amz-cf-pop
ZRH55-P2
server
cloudflare
x-amz-server-side-encryption
AES256

Redirect headers

nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
location
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/favicon-3.ico
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UtUJ%2F51l6RTc%2BASS63obkRVbXOv8VAVf2UnFe0DmB7CMQt1RuZvy2nQK5o88ZhV6BhD2eVt%2FomRBdU07b%2Bt8OCWVS6OFZ1XJCEbkZmCSb63G%2BBMpze%2BJtv7DN%2BVc7DIOKQc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e0ec9830b18526c-MXP
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 11 Nov 2024 13:56:42 GMT
vary
Accept-Encoding
server
cloudflare
json
forms-eu1.hubspot.com/lead-flows-config/v1/config/
5 KB
3 KB
XHR
General
Full URL
https://forms-eu1.hubspot.com/lead-flows-config/v1/config/json?portalId=2037604&utk=a862cce61a7225d269d3546dec13d968&__hstc=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&__hssc=222632132.1.1731333402057&contentId=187281761483&currentUrl=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696
Requested by
Host: js-eu1.hsleadflows.net
URL: https://js-eu1.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.193.34 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9376617bed229213371b512680a7583706ab3d2e7021d44b9ac60601cc91dac6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
access-control-max-age
180
x-request-id
5a830c8a-be5b-40f7-9cde-23b385c1240c
content-encoding
gzip
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOCf37FRKiGRxd1CcwMpAYWE%2FvwdFhGQXLjElBeWqi2ulayXUIjFAt9G1FDaskCgMN%2BBQ0wGvwXftBbjfy2ztgfZbyYrHpaFXAp7xkpVLZ67jRKLBzaBPusY9Isvew6lwlrqlLkQRg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-evy-trace-listener
listener_https
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
5a830c8a-be5b-40f7-9cde-23b385c1240c
content-type
application/json;charset=utf-8
vary
origin
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
max-age=0, no-cache, no-store
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/star-hubspot-td/envoy-proxy-7bd456bc7f-kzwl4
x-envoy-upstream-service-time
33
access-control-allow-credentials
false
cf-ray
8e0ec9848ef0ba9d-MXP
access-control-allow-origin
https://www.itsec.ru
x-evy-trace-route-configuration
listener_https/all
content-length
1822
server
cloudflare
x-evy-trace-virtual-host
all
enterprise.js
www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://www.google.com/recaptcha/enterprise.js?render=explicit
Requested by
Host: js-eu1.hsleadflows.net
URL: https://js-eu1.hsleadflows.net/leadflows.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f4.1e100.net
Software
ESF /
Resource Hash
0fc15d12e6e8c704fc85beb8147f2008b76efbbdfbf433c9ef72831f8eac21f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Mon, 11 Nov 2024 13:56:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
__ptq.gif
track-eu1.hubspot.com/
45 B
873 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=16&fi=fc419495-0f8e-49fb-afe4-eb89439ed952&lfi=3108532&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402473&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
56a5a2aa-d7ec-4060-bda9-0524c1394de2
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WbLzJJX4JEnnOEatb%2FTDRV9sDjdw5OcUXab0cSaMZ09HzTSXQqOrHExq8CCP%2BmX4ToS%2BXSwHjDchc1nu9UU6P7tw2tIIBqdgvb6f2mPlVsoZa9p7eh1LP9M3isvdcn0LZkJdQcsTHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
56a5a2aa-d7ec-4060-bda9-0524c1394de2
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-fkkng
x-envoy-upstream-service-time
4
access-control-allow-credentials
false
cf-ray
8e0ec9858da55244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
__ptq.gif
track-eu1.hubspot.com/
45 B
385 B
Image
General
Full URL
https://track-eu1.hubspot.com/__ptq.gif?k=16&fi=eed86072-03ad-4f40-8a69-ef48f8cbe3f3&lfi=421054&ft=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=it-it&bfp=2458269893&v=1.1&a=2037604&pi=187281761483&ct=blog-post&ccu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot&cpi=187281761483&cgi=6551927956&lpi=187281761483&lvi=187281761483&lvc=ru-ru&pu=https%3A%2F%2Fwww.itsec.ru%2Fnews%2Fbotnet-androgh0st-aktivno-ohotitisa-na-serveri-iot%3Fhss_channel%3Dtw-293529696&t=%D0%91%D0%BE%D1%82%D0%BD%D0%B5%D1%82+Androxgh0st+%D0%B0%D0%BA%D1%82%D0%B8%D0%B2%D0%BD%D0%BE+%D0%BE%D1%85%D0%BE%D1%82%D0%B8%D1%82%D1%81%D1%8F+%D0%BD%D0%B0+%D1%81%D0%B5%D1%80%D0%B2%D0%B5%D1%80%D1%8B+%D0%B8%C2%A0+%D1%83%D1%81%D1%82%D1%80%D0%BE%D0%B9%D1%81%D1%82%D0%B2%D0%B0+%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%BD%D0%B5%D1%82%D0%B0+%D0%B2%D0%B5%D1%89%D0%B5%D0%B9&cts=1731333402473&vi=a862cce61a7225d269d3546dec13d968&nc=true&u=222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1&b=222632132.1.1731333402057&pt=0&cc=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
none
x-request-id
756c958f-819a-48d5-abab-9e7b4777540a
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jEMjxqLsKntKHw7nSexxuJJWseA5Z%2FIkCKXFf0YORg8IqqczenFSdCx0iA5wtYD18B6aoFe9WCtTi2lvWBhSGnmTQvWnBQwrgI2TgjOUVnQcVOpeU2M8na20jjcDAAt81EaffdJapg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
x-evy-trace-listener
listener_https
p3p
CP="NOI CUR ADM OUR NOR STA NID"
date
Mon, 11 Nov 2024 13:56:42 GMT
x-hubspot-correlation-id
756c958f-819a-48d5-abab-9e7b4777540a
content-type
image/gif
last-modified
Mon, 11 Nov 2024 13:56:42 GMT
vary
origin, Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-evy-trace-route-service-name
envoyset-translator
cache-control
no-cache, no-store, no-transform
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-served-by-pod
fra04/analytics-tracking-td/envoy-proxy-66cf7ff8c4-fkkng
x-envoy-upstream-service-time
3
access-control-allow-credentials
false
cf-ray
8e0ec9858da85244-MXP
accept-ranges
bytes
x-evy-trace-route-configuration
listener_https/all
content-length
45
server
cloudflare
x-evy-trace-virtual-host
all
recaptcha__it.js
www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/
547 KB
217 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/-ZG7BC9TxCVEbzIO2m429usb/recaptcha__it.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
sffe /
Resource Hash
568eb1fee3e1102246fda6d33edbe5c8a37f631f36afb7f06a4a9781e72011a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://www.itsec.ru
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

content-encoding
gzip
age
426611
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:26:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:26:32 GMT
last-modified
Tue, 22 Oct 2024 00:01:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
221440
x-xss-protection
0
server
sffe
negotiations_business.jpg
2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/
Redirect Chain
  • https://2037604.fs1.hubspotusercontent-na1.net/hubfs/2037604/negotiations_business.jpg
  • https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/negotiations_business.jpg
241 KB
242 KB
Image
General
Full URL
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/negotiations_business.jpg
Protocol
H2
Server
141.101.90.96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f00a7b0e0def40e0d3f655e5d93b8b0739ef68cd0f10aebb38c2bb2027522c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://www.itsec.ru/news/botnet-androgh0st-aktivno-ohotitisa-na-serveri-iot?hss_channel=tw-293529696

Response headers

x-robots-tag
all
cf-cache-status
HIT
etag
"d70daa6aa1175a88a9a6ff7ad2d0875c"
age
2424765
cache-tag
F-68660403592,P-2037604,FLS-ALL
x-amz-version-id
MAi3tSuueqLZ9IE2G4KEERHaOjsUd8ab
x-cache
RefreshHit from cloudfront
x-amz-cf-id
J_OYLSdEwhxUFnU1e2vADwGD70P6U2rPbmO8_r_Uiq9K0tjohpuR5A==
content-type
image/webp
content-disposition
inline; filename="negotiations_business.webp"
last-modified
Thu, 25 Jan 2024 20:32:52 GMT
x-amz-meta-index-tag
all
x-amz-replication-status
COMPLETED
edge-cache-tag
F-68660403592,P-2037604,FLS-ALL
cache-control
s-maxage=2592000, max-age=1209600, stale-while-revalidate=900
x-amz-request-id
CCN6BTA3P68N900C
accept-ranges
bytes
x-amz-meta-cache-tag
F-68660403592,P-2037604,FLS-ALL
content-length
246518
x-hs-alternate-content-type
text/plain
server
cloudflare
x-amz-server-side-encryption
AES256
x-hs-cf-lambda
us-east-1.SetCacheTagHeaders 4
cf-bgj
imgq:85,h2pri
access-control-allow-methods
GET
cf-polished
qual=85, origFmt=jpeg, origSize=585914
date
Mon, 11 Nov 2024 13:56:43 GMT
vary
Accept, Accept-Encoding
x-amz-id-2
qtc6PqTZ7L9mHcdLhwQyRD2mJ+efDWhU9CiT6p1gHtV4EQqCuJVxJ0RTSjwLjt6+/tLf98T3Egc=
timing-allow-origin
2037604.fs1.hubspotusercontent-eu1.net
via
1.1 d7f33da0c853901ca9e59258dff39448.cloudfront.net (CloudFront)
cf-ray
8e0ec98c2e390e11-MXP
access-control-allow-origin
*
x-amz-cf-pop
MXP53-P4
x-amz-meta-created-unix-time-millis
1647427014252

Redirect headers

cf-ray
8e0ec98bc8170e43-MXP
access-control-allow-origin
*
location
https://2037604.fs1.hubspotusercontent-eu1.net/hubfs/2037604/negotiations_business.jpg
content-length
0
date
Mon, 11 Nov 2024 13:56:43 GMT
vary
Accept-Encoding
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
no-cache.hubspot.com
URL
https://no-cache.hubspot.com/cta/default/2037604/efcac6b0-ac97-4906-992f-96f9fbfebdc3.png
Domain
no-cache.hubspot.com
URL
https://no-cache.hubspot.com/cta/default/2037604/1dc07eb3-0613-40dc-9082-2beaec02e52f.png
Domain
no-cache.hubspot.com
URL
https://no-cache.hubspot.com/cta/default/2037604/cf2d2246-b1ea-4037-9527-5b8285104d69.png


102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| hsjQuery function| gtag object| dataLayer function| fbq function| _fbq object| _hsq object| hbspt function| ym object| layoutEngine object| act object| Modernizr function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| WOW function| ResizeSensor object| plyr object| hsVars function| hs_i18n_log function| hs_i18n_substituteStrings function| hs_i18n_insertPlaceholders function| hs_i18n_getMessage object| vex function| hsInitSlider object| jQuery1112047320407457114144 object| hsCommentListing function| hsPopulateCommentsFeed function| hsPopulateCommentFormOnFormReady function| hsPopulateCommentFormOnFormSubmitted function| hsPopulateCommentFormGetExtraMetaDataBeforeSubmit function| hsOnReadyPopulateCommentsFeed object| hsPostListings function| hsPopulateListingFeed function| hsOnReadyPopulateListingFeed_939253465_1731333397125 function| hsOnReadyPopulateListingFeed_946487002_1731333397216 object| google_tag_manager object| google_tag_data object| _hsp string| GoogleAnalyticsObject function| ga object| gaGlobal function| jsonp_1731333400261_97900 function| sanitizeKey boolean| _hstc_loaded boolean| IS_CLIENT_SIDE boolean| IS_WEB function| _bridgeSend function| _bridgeSupports function| obj2qs object| fastXDM object| VK object| globalRoot function| bindToWindowOnError object| leadflows object| hubspot function| OutpostErrorReporter function| _registerAvailablePopup object| _availablePopups boolean| popupPoliceActive boolean| LEAD_FLOWS_RAN boolean| COMMON_SETUP_RAN function| Rq function| Pv function| Qv object| Rv function| Sv function| Tv object| Ya object| yaCounter68360557 object| yaCounter48069041 boolean| _hspb_ran boolean| _hspb_loaded object| hsCtasOnReady object| __PRIVATE__HubspotCtaClient object| hsCallsToActionsReady object| __hsWebInteractiveInstance object| 
hsConversationsOnReady object| HubSpotCallsToActions boolean| hubspot_web_interactives_running boolean| hubspot_live_messages_running object| HubSpotConversations object| gaplugins object| gaData boolean| _hstc_ran string| __hsUserToken number| expireDateTime boolean| LEAD_FLOW_DOCUMENT_READY_RAN object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha

39 Cookies

Domain/Path Name / Value
.www.itsec.ru/ Name: __cf_bm
Value: yAI_Hz0TkzuOcgMQi3LZjSqpCrTe_T_b1sxQd7C2wyw-1731333397-1.0.1.1-uu3q08gHhVzd37iHy2eN072HH4oiOu1AOm7d.Pv4VoD8U.o8LhOjBkYCZFEhSjLdzqmBg9xWIuAfcfohz56n7g
.www.itsec.ru/ Name: __cfruid
Value: 081ea2873fdf3b87eea8ff7b1f7677b5175967f7-1731333397
.vk.com/ Name: remixlang
Value: 7
.itsec.ru/ Name: _ga_7VCBG2SCQS
Value: GS1.1.1731333400.1.0.1731333400.60.0.1435931127
.vk.com/ Name: remixstlid
Value: 9101681991626509447_ob5UdWFzdWXwWOLApv66nCDTCjEjZZy7oysW7novEpk
.itsec.ru/ Name: _ym_uid
Value: 1731333400997179714
.itsec.ru/ Name: _ym_d
Value: 1731333400
.yandex.ru/ Name: yashr
Value: 5989026121731333400
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 2828896054fake
.yandex.com/ Name: i
Value: c/f+vMTbIyLT0++A+v9D1G0az4eYR2cTfNR8tqDbO2+RAe9IE+bA4uRtW6vgEiiOWVHqLJiyUrUCNLGoexPd+mYr16E=
.yandex.com/ Name: yandexuid
Value: 3935902931731333400
.yandex.com/ Name: yashr
Value: 5504771411731333400
.itsec.ru/ Name: _ym_isad
Value: 2
.itsec.ru/ Name: _fbp
Value: fb.1.1731333400566.330579514186110225
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 428608198fake
.mc.yandex.com/ Name: sync_cookie_ok
Value: synced
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yandex.ru/ Name: yandexuid
Value: 3935902931731333400
.yandex.ru/ Name: yuidss
Value: 3935902931731333400
.yandex.ru/ Name: i
Value: c/f+vMTbIyLT0++A+v9D1G0az4eYR2cTfNR8tqDbO2+RAe9IE+bA4uRtW6vgEiiOWVHqLJiyUrUCNLGoexPd+mYr16E=
.yandex.ru/ Name: yp
Value: 1731419800.yu.1225518911731333400
.yandex.ru/ Name: ymex
Value: 1733925400.oyu.1225518911731333400
.itsec.ru/ Name: _ga
Value: GA1.2.1813968562.1731333400
.itsec.ru/ Name: _gid
Value: GA1.2.1214114054.1731333401
.itsec.ru/ Name: _gat_gtag_UA_115765294_3
Value: 1
mc.yandex.com/ Name: yabs-sid
Value: 133851621731333400
.yandex.com/ Name: yuidss
Value: 3935902931731333400
.yandex.com/ Name: ymex
Value: 1762869400.yrts.1731333400
.yandex.com/ Name: receive-cookie-deprecation
Value: 1
.yandex.com/ Name: bh
Value: KgI/MGCYmsi5Bg==
.hsforms.com/ Name: __cf_bm
Value: 7jgOgjx4veQ.81c_ilOioeXiWljOdEeWET3k9l5gZ8Y-1731333401-1.0.1.1-jHFo4R7D3qfOXdzOUg8PxiQLMYdHXR_3NpAhz_IQkVsiagi_Phb9DXgF4xW.C4jb6rwlbJNYwIJV4TYJDBJ0SA
.hsforms.com/ Name: _cfuvid
Value: __toC9jVk1OoQKQoOTUwCsTVrBJ0jPyWHAZ3RsJDkgs-1731333401165-0.0.1.1-604800000
.itsec.ru/ Name: messagesUtk
Value: 2105aeaa4c1343e793382bf633a7331a
.itsec.ru/ Name: __hstc
Value: 222632132.a862cce61a7225d269d3546dec13d968.1731333402057.1731333402057.1731333402057.1
.itsec.ru/ Name: hubspotutk
Value: a862cce61a7225d269d3546dec13d968
.itsec.ru/ Name: __hssrc
Value: 1
.itsec.ru/ Name: __hssc
Value: 222632132.1.1731333402057
.hubspot.com/ Name: __cf_bm
Value: CATDZIJYoh39BBeycgx33.i7bfCaC7QKubM0U5RumLE-1731333402-1.0.1.1-AV8NsrGIAqD1guYo9zosynuRaSWC6_Uo81tD7Jw9PA8M0RRnA5QFVn9nTh4FKYmZktwbqEKjD2B5vu3Moawvrw
.hubspot.com/ Name: _cfuvid
Value: A3xxI5QbmCPcB5zIMkF7tXmDssBEXcLNHP0nw0J6Enc-1731333402558-0.0.1.1-604800000

1 Console Messages

Source: network
Level: error
URL: https://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-5c518d86ff300102
Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
