www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Submission: On August 25 via api (August 25th 2023, 2:10:15 am UTC) from TR — Scanned from DE

Summary HTTP 273 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 38 domains to perform 273 HTTP transactions. The main IP is 2606:4700::6812:6e2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 141556.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	2606:4700::68... 2606:4700::6812:6e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
26	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
9	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
5	13.32.99.66 13.32.99.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:b96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	184.25.216.9 184.25.216.9	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.99.47 13.32.99.47	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	18.66.97.10 18.66.97.10	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:6c00:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	52.222.236.74 52.222.236.74	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.18 13.32.99.18	16509 (AMAZON-02) (AMAZON-02)
1	108.138.17.27 108.138.17.27	16509 (AMAZON-02) (AMAZON-02)
1 2	192.29.69.231 192.29.69.231	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:6d2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.210.135.174 3.210.135.174	14618 (AMAZON-AES) (AMAZON-AES)
2	3.65.152.79 3.65.152.79	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
2 2	37.252.172.123 37.252.172.123	29990 (ASN-APPNEX) (ASN-APPNEX)
2	54.159.165.205 54.159.165.205	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	66.235.152.152 66.235.152.152	15224 (OMNITURE) (OMNITURE)
2 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
13	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
36	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
12	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	23.218.209.56 23.218.209.56	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.72.72.95 52.72.72.95	14618 (AMAZON-AES) (AMAZON-AES)
1	216.58.206.38 216.58.206.38	15169 (GOOGLE) (GOOGLE)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	130.162.160.243 130.162.160.243	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
1	52.71.153.141 52.71.153.141	14618 (AMAZON-AES) (AMAZON-AES)
2	2.18.161.51 2.18.161.51	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
40	18.66.112.15 18.66.112.15	16509 (AMAZON-02) (AMAZON-02)
3	54.147.76.157 54.147.76.157	14618 (AMAZON-AES) (AMAZON-AES)
273	55

36 2606:4700::6812:6e2f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.99.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-66.fra60.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:b96 (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.25.216.9 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-216-9.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-47.fra60.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:6c00:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-74.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-18.fra60.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.17.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-27.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.29.69.231 (Toronto, Canada) 1 redirects

ASN31898 (ORACLE-BMC-31898, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6d2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.210.135.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-135-174.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.65.152.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-65-152-79.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.123 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.159.165.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-165-205.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.152.152 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-152.data.adobedc.net

iirexhibitionslimite.tt.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.218.209.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-56.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.72.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-72-95.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.38 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.153.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-153-141.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.161.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-161-51.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 18.66.112.15 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-15.fra56.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.147.76.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-147-76-157.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	celtra.com ads.celtra.com — Cisco Umbrella Rank: 3499 cache-ssl.celtra.com — Cisco Umbrella Rank: 4401 track.celtra.com — Cisco Umbrella Rank: 4298	1 MB
39	darkreading.com 2 redirects www.darkreading.com — Cisco Umbrella Rank: 141556 beta.darkreading.com — Cisco Umbrella Rank: 316594 trk.darkreading.com — Cisco Umbrella Rank: 639834 c.darkreading.com — Cisco Umbrella Rank: 416412	969 KB
37	moatads.com z.moatads.com — Cisco Umbrella Rank: 652 mb.moatads.com — Cisco Umbrella Rank: 708 px.moatads.com — Cisco Umbrella Rank: 585	678 KB
33	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 ad.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	282 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 155	354 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 401	91 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 354	289 KB
9	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 51828	153 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	366 KB
6	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	teads.tv a.teads.tv — Cisco Umbrella Rank: 1579 t.teads.tv — Cisco Umbrella Rank: 2778	133 KB
5	informa.com static.iris.informa.com — Cisco Umbrella Rank: 52492	32 KB
4	youtube.com www.youtube.com — Cisco Umbrella Rank: 84	132 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1865 in.ml314.com — Cisco Umbrella Rank: 10481	12 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 15787 eu01.in.treasuredata.com — Cisco Umbrella Rank: 22744	20 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	21 KB
3	dpmsrv.com s.dpmsrv.com — Cisco Umbrella Rank: 24301 a.dpmsrv.com — Cisco Umbrella Rank: 20392	64 KB
2	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6490	515 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 740 script.hotjar.com — Cisco Umbrella Rank: 946	61 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 289998 assets.ubembed.com — Cisco Umbrella Rank: 12260	49 KB
2	gstatic.com fonts.gstatic.com	42 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	176 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 736	56 KB
1	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 10595	464 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 328	1 MB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 394	98 B
1	omtrdc.net iirexhibitionslimite.tt.omtrdc.net — Cisco Umbrella Rank: 445816	811 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2709	258 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1344	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1642	15 KB
1	en25.com img.en25.com — Cisco Umbrella Rank: 6367	3 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1215	48 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 596	303 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2782	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	7 KB
1	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 57	56 KB
273	38

	Domain	Requested by
40	cache-ssl.celtra.com	ads.celtra.com www.darkreading.com
30	px.moatads.com
28	beta.darkreading.com	www.darkreading.com beta.darkreading.com
26	securepubads.g.doubleclick.net	www.darkreading.com www.googletagservices.com
13	js-agent.newrelic.com	www.darkreading.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.darkreading.com ad.doubleclick.net tpc.googlesyndication.com
12	pagead2.googlesyndication.com	www.darkreading.com ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
10	cdn.cookielaw.org	www.darkreading.com
9	eu-images.contentstack.com	www.darkreading.com
8	www.googletagservices.com	securepubads.g.doubleclick.net www.googletagservices.com
7	www.darkreading.com	1 redirects www.darkreading.com
6	z.moatads.com	securepubads.g.doubleclick.net
5	www.google.com	www.darkreading.com securepubads.g.doubleclick.net
5	static.iris.informa.com	www.darkreading.com
4	www.youtube.com	www.darkreading.com www.youtube.com
3	track.celtra.com
3	a.teads.tv	securepubads.g.doubleclick.net www.darkreading.com
3	www.google-analytics.com	www.darkreading.com
2	t.teads.tv
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	ml314.com	z.moatads.com ml314.com
2	cm.g.doubleclick.net	2 redirects
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	www.darkreading.com
2	www.google.de	www.darkreading.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.darkreading.com
2	trk.darkreading.com	1 redirects www.darkreading.com
2	fonts.gstatic.com	www.darkreading.com
2	www.googletagmanager.com	www.darkreading.com
2	code.jquery.com	www.darkreading.com securepubads.g.doubleclick.net
1	bam.eu01.nr-data.net	www.darkreading.com
1	in.ml314.com	ml314.com
1	s0.2mdn.net	www.darkreading.com
1	mb.moatads.com	z.moatads.com
1	ad.doubleclick.net	www.googletagservices.com
1	ads.celtra.com	www.darkreading.com
1	e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com	www.darkreading.com
1	idsync.rlcdn.com	www.darkreading.com
1	iirexhibitionslimite.tt.omtrdc.net	www.darkreading.com
1	vc.hotjar.io	www.darkreading.com
1	ping.chartbeat.net	www.darkreading.com
1	region1.analytics.google.com	www.googletagmanager.com
1	assets.ubembed.com	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	script.hotjar.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	www.googleoptimize.com	www.darkreading.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	stackpath.bootstrapcdn.com	www.darkreading.com
1	cdnjs.cloudflare.com	www.darkreading.com
1	lh3.googleusercontent.com	www.darkreading.com
273	58

This site contains links to these domains. Also see Links.

Domain
blackhatmea.com
www.blackhat.com
darkreading.tradepub.com
messages.blackhat.com
www.welivesecurity.com
www.informationweek.com
sector.ca
www.interop.com
www.networkcomputing.com
www.itprotoday.com
www.datacenterknowledge.com
www.omdia.com
info.wrightsmedia.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
tech.informa.com
www.informa.com
www.onetrust.com
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.js.ubembed.com E1	`2023-08-21` - `2023-11-19`	3 months	crt.sh
*.en25.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-21` - `2024-05-20`	a year	crt.sh
*.dpmsrv.com Amazon RSA 2048 M01	`2023-03-18` - `2024-04-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-03`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1	`2023-08-22` - `2024-09-21`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
celtra.com Amazon RSA 2048 M01	`2023-02-20` - `2024-02-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ml314.com GTS CA 1D4	`2023-08-05` - `2023-11-03`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-02-27` - `2023-12-14`	10 months	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Frame ID: 7706FD45D995BCB69220C623569F75C5
Requests: 168 HTTP requests in this frame

Frame: https://e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7035E35C12889C9C62EF0EBA7585D325
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVUssJ5w6NWhyqd-6j-kLeno0iBHRFbokQ4pLRQEvh6X9Cm6yWfvxGalT6t_x-Kl4lHVnfa5FA77nY18marmh_gezXdUzQfoyerxXRnUY0-1CgemzGdoPAMDYMhO7PRowKNKm_d6QgixSQ2jGIQSBx2iF8hzr23UJzBeU0xh_LKAAb0KhE5086-MUcZb1OzyRmaUxx9UPMUfSBJ7t_I1Vujd8pI1SMpY-OaZhYgF0Y0-W4UKwEh_pfY4FDisA_ptQLqcJ3XCdmJUe88HX17dfl5WvMR3Lo7H35TG-GQA8a9jT6QpR5Usvs0Ublc2Vbjo-rkfQF9x--4yoqjwTKmfngnWyZL-aYnrfmNKgxxIJVCTDgjxpCE0w-QXA51Z06BQQQdsf5k1ZhRc1uQA&sai=AMfl-YSu-6BV7yGW5LTgOvm9HuMiBgCnqtn7rjBjNJuoe4vKN_HWNDy5iLoYc5gTpBWWIo1HFxlm0vqbqyeQke3sJcFWltyqrX8QnzMp-6cYqTE_tMkx4Agt6U4E8TvAlw&sig=Cg0ArKJSzPkQvBfAcb6fEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 8AE472EF3499BA19BE738AF165CFCAD2
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkzo9CvoOjmXf2ceqqHs0jCPrMKUq2tLu4qWi4FgFbmlkMz06-4-kdN2s69ZcOCgChhAzhDnhGfSapOckxnMyQHGTMHxPadEG7xaJ_p_amRxMmTyyhSibuqSEclW4JrnpL-7Vvp1VyRLXWXsnBmyQxqi7goGmKfFCU057BU-7Gy26nC3OCI4JTRvYc5QF33fopvmIDJcJ6EZGe9lWi1FOhn64Y1-ASINPzqzdLla2gRgd5_bOhzIIjKfaXsmNalOGTSWX73xEW7DX6ZsXwb69Sc0-7m7BC20Qnx9GC0f_tOD8_uf-nyWvWmzDjIqErB2Gt_m_9j2SwNR6pnQ7divcTJWeAWtvejgeg9uVPPkbLvbl8AWY8pvcp144t&sai=AMfl-YT7ilWrUNVdmN_eGfL9l7lKKYMVp8L4kk5G0A4tLoJsw3P4bqLSyetp6Ylkhabqejx7pX2lOo0AfzbhHZ3r92wOVYaGIekw0zOIrBmJiXj6ncHp8k7UQNDHU4xbdkA&sig=Cg0ArKJSzL6vRMVQnKjJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: B6FAEEE7B85C0C4A487452F8756A5EB3
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXdpYORWy1Qhu8oVzth9KBuLDZLegdvetS7IsbQErCE50ib-k6MrysXZxPjKHBiXIih9embBkDDbJAeafeg9Kiz_lD8WAPqipSJ7p0MVuxgIm2duOPUict6nCnhgyjD5tgTG1I595NWtQYxzSUIfKcBkb6EWUqyKEb9PYNhxAHHe4UG2dsVlXRWMYsbb3uj_IhYsXgFkhZqlshOt374IqP21-PIkWhH0X0a9y5qGfmHraFb_gDyAiPodbRNLti8qhmxbn3nanP_sURFYV55aJrEyWYfEBRc1zlwSC7X4QQfBTGve6ghJsLSmAbwdFlES5xD8dYbnVmiqIYj58AB0ybLfJD31XPvqAbiaJ9jojLqPVELS8&sai=AMfl-YS59SIPLpPTkfBdrXQumICmmXZ27OyKqLW2Wx160nYFVUAmYF8WBH-ZdjPADrUXvc03KAAI8PtkQu2f5KDivuZn4CErQx9rKVQBKb6wMh8NV5MQ1rcTgpiHImUixQ&sig=Cg0ArKJSzPCZc3Fc34N6EAE&uach_m=[UACH]&adurl=
Frame ID: 23BBA90EBC7ECED8E7FBC5E98AAC4205
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2ZE7Iv9RgDZs7RQjbHf-20swDq6OiHDTF8jMO_SY3zTLaXA3hZTfXdH__lKjEETHPO0SY7Tt32nILyCfx2H_rM9XsAWb_2kXh4849fsdRcgSy50kr1XZk_3SJ4SE3cjXwuOiNS9DhZ9aWxj83f8fRQcYmNktdzH-70GqLQu1Omvg-6_LUKKfF669T2H-1hU8-NXhXV264yHqvvBN98HHM0gzFoI8CsyZmV9ZfiX3tJ23om4xFs6wQwVwRefFOQy4zwPrTQvF10VzIfPMHS3mtClFlkvGn6ynieLMJPmNOpcEoG1q73rhOGiYiQb6R289zGKnPdI8cvmdRBVNBofIm3Dx7AeA0lAb16IH6aWpvq_7uE-0&sai=AMfl-YTh_Go16W5WrpD5WnXaROPc3Z5e5ChBkZM5BdR2kZzrCLJdXzWDOpSuNF-4EtVjRvRYzUgDLadeBZgQHT14z4u6dSsHrLABG8xW2lC66N1MyAI1BF2upEuxOeAvIw&sig=Cg0ArKJSzKlM_-FgjDPGEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E36E106E39348263D6399D6C8F9CD919
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdY6AB96T2acyjcucTyBpo-H9WqhNI2aK1IPK3JBrWxFXOFN60sJyckSAZRJgUAkjkc5vgSaX3TBffJJIbQGs619Pv_EEZoWAS3ukhZOoLGqTYt-eC45iOhwmegvkYqdfnmj0SRdceh_BPYQfENCZ7r9s1vdeSqHpCpqZ8Y6NhRJMUW3oK2M8cU6dihASM4MLpaWWtA1XdL2an58STJBQbyfM5IvTf2j2JLoSKF3pfc8gP63oxW5Hr4Q1CSVdy6xP5VkhfPN6TvVVtusCh4cdCewgDlbU9ur6fMAGJDqH9iGq_WIK8XXLTFZJKHmCzaddG9Vr8p4VgS5IzHZJXJWZq45q7wfmdQmJRqgIhFgub8ZOKR5hLG_Hx&sai=AMfl-YRKnvwep_-TvCCqDsz9Y51lQzt3FQkQb2DjJHVsE5t56awmUkuAZMj_HrDTC33d3P6ok0t_FIPzMFUom2NirrEN1y4AUBqdln1ff5qE5yOjXULRNAnVWV1Vm9LcCw&sig=Cg0ArKJSzPMm4gY8-0nREAE&uach_m=[UACH]&adurl=
Frame ID: 7F64B7218402F2EAA6443928E569FCFE
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWZkpKgs-_TELffnWgIsizOexz167DLF1gBb9wx0VmSsumzRnAz8p67Uv7Rq_LmEkOp3SSAHD30IiBPrX2_pqQebaf5Ho2aZyvwHfzQIFrTgtUD1J5sOXHY2j05r-FEjyByHhY17IeRBIedlV0DwKz-gfMKWiLZAvBZqWTE812M0qvDccfap8ALLd-lA9UttRKvYIeEOsn7TkGFOvrCORrDwoNdOhxMFhvqX14cSYiQseErPykuHBvzO6Q11oXlH5FyEbh_k1Xjc_2-IJB80l1XxjqDZEpZ3TuhI6SCViMzyYjZw4oBtcVa342EL0-WACq5wszFsyRE5LIofUAlRmgYYrQLHu1JdnZGFcczpGpAGXmGm828aWa&sai=AMfl-YSfQO_eDrFTBpvs5TFq5L7tLBB66yk_nT7Zz748cD4vuSyDsEDJrsyOt6j2ylGYSdqrQ_NnTt1NP0cKSysjePofGCoU2I2r-I0uHjVf-HRm9iqSbAJvOdwjKjpiang&sig=Cg0ArKJSzJJpQrXZFH-sEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 26371C528DB29739904CF31A632A5A88
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGd6VcDujoSR4oYwNRopZ2RCPhlj16A3_YJ-os3Lqd9noDniSXta1Cj6tEgAYXz8Rs63e9o2XeqvOjQN5Ixm5HNBLjdzSXxLMFKNCZVBZCM5crIZxDz_K42ZimzNEpsjxdORu5cmHuRMPHC9KVNaoai6usnojrt4n1Unbw2Of727mOotvVivKfHSbdpCu1jU70CvaNB9EXOJwGDQhoUwTxP29THG4D3qaMRdrQy4laVHCIKxwvN7gSbGpIIxyVXOoLEfndZ_l-94aVFClFhecc3iLZY0ZeDe5Z9oRLSuBOnc9_-HNEZp3natwEN5D9uAAISaalsSzlMLw6MXcAiH36zMEockX2aMqkNkuv-mQTNtGxzR6T8diI&sai=AMfl-YRx9Fn_OU8eLYfgWmiAELNkfuSJ9Ut3f6XqmeBbs1qUdYKbglSNHdhdnqy6YhXZSGQ9MzhB4mqHRYLGqMTKP-hHQWbqQTj_rf3hsN3Kj7gEtTvh4xrGspvR5J3D-8k&sig=Cg0ArKJSzA2Eio2DpyrgEAE&uach_m=[UACH]&adurl=
Frame ID: 03EF36D9DAE8BB7C75FEA6C0547E37E1
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07D329CF553646A2A48FFA3994194E7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A05FFF42DE7FAF6278A3C786D66BD87
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E647D30C4B6F89E0EADEA956BFCB7786
Requests: 3 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Frame ID: 21428694E0CFC7C4CE890DBD15B9344F
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

eBay Users Beware Russian 'Telekopye' Telegram Phishing BotCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

273
Requests

98 %
HTTPS

46 %
IPv6

38
Domains

58
Subdomains

55
IPs

7
Countries

6716 kB
Transfer

14755 kB
Size

40
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: https://blackhatmea.com/?cid=smartbox_techweb_session_16.500303&_mc=smartbox_techweb_session_16.500303
Title: Black Hat Middle East and Africa - Nov14-16 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/trj-23/?cid=smartbox_techweb_session_16.500302&_mc=smartbox_techweb_session_16.500302
Title: Black Hat Japan Trainings - Nov 13-14 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_hypf04&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001322&_mc=smartbox_techweb_upcoming_webinars_8.500001322
Title: Where and When Automation Makes Sense For Enterprise Cybersecurity

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_forq237&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001324&_mc=smartbox_techweb_upcoming_webinars_8.500001324
Title: Implementing Zero-Trust With A Remote Workforce

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_resourcemenu
Title: Newsletters >

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_header
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_hypf04&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_xona16&ch=drsitebell
Title: Event

Search URL Search Domain Scan URL

URL: https://messages.blackhat.com/2022-attendee-report-2022?kcode=drsite
Title: Report

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/en/eset-research/telekopye-hunting-mammoths-using-telegram-bot/
Title: a blog post published today

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa3135&ch=dr_eoa
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf67&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005460&_mc=smartbox_techweb_whitepaper_14.500005460
Title: The Forrester Wave: External Threat Intelligence Service Providers, Q3 2023

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh33&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005360&_mc=smartbox_techweb_whitepaper_14.500005360
Title: Rediscovering Your Identity

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/Security
Title: More White Papers

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf62&ch=sbx&cid=smartbox_techweb_analytics_7.300005996&_mc=smartbox_techweb_analytics_7.300005996
Title: What Ransomware Groups Look for in Enterprise Victims

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_manf57&ch=sbx&cid=smartbox_techweb_analytics_7.300005992&_mc=smartbox_techweb_analytics_7.300005992
Title: How to Use Threat Intelligence to Mitigate Third-Party Risk

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_cohe04&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001326&_mc=smartbox_techweb_upcoming_webinars_8.500001326
Title: Protecting the Database: How to Secure Your Enterprise Data

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_sysf08&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001327&_mc=smartbox_techweb_upcoming_webinars_8.500001327
Title: The Threat Hunter's Playbook: Mastering Cloud Defense Strategies

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_wiza22&ch=sbx&cid=smartbox_techweb_upcoming_webinars_8.500001329&_mc=smartbox_techweb_upcoming_webinars_8.500001329
Title: Managing Security In a Hybrid Cloud Environment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_invj50&ch=sbx&cid=smartbox_techweb_analytics_7.300005987&_mc=smartbox_techweb_analytics_7.300005987
Title: How Enterprises Are Managing Application Security Risks in a Heightened Threat Environment

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_defa4088&ch=sbx&cid=smartbox_techweb_analytics_7.300005984&_mc=smartbox_techweb_analytics_7.300005984
Title: Successfully Managing Identity in Modern Cloud and Hybrid Environments

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&pc=w_darl08&ch=sbx&cid=smartbox_techweb_analytics_7.300005973&_mc=smartbox_techweb_analytics_7.300005973
Title: The Promise and Reality of Cloud Security

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh32&;ch=sbx&cid=smartbox_techweb_whitepaper_14.500005359&_mc=smartbox_techweb_whitepaper_14.500005359
Title: 2023 Global Future of Cyber Report

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh31&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005358&_mc=smartbox_techweb_whitepaper_14.500005358
Title: Cybersecurity in a post pandemic world: A focus on financial services

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_delh30&ch=sbx&cid=smartbox_techweb_whitepaper_14.500005357&_mc=smartbox_techweb_whitepaper_14.500005357
Title: Cybersecurity in 2023 and beyond: 12 leaders share their forecasts

Search URL Search Domain Scan URL

URL: https://sector.ca/?cid=smartbox_techweb_session_16.500299&_mc=smartbox_techweb_session_16.500299
Title: SecTor - Canada's IT Security Conference Oct 23-26 - Learn More

Search URL Search Domain Scan URL

URL: https://www.interop.com/
Title: Interop

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/
Title: InformationWeek

Search URL Search Domain Scan URL

URL: https://www.networkcomputing.com/
Title: Network Computing

Search URL Search Domain Scan URL

URL: https://www.itprotoday.com/
Title: ITPro Today

Search URL Search Domain Scan URL

URL: https://www.datacenterknowledge.com/
Title: Data Center Knowledge

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/
Title: Black Hat

Search URL Search Domain Scan URL

URL: http://www.omdia.com/
Title: Omdia

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3

Search URL Search Domain Scan URL

URL: https://tech.informa.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://tech.informa.com/cookie-policy
Title: Cookies

Search URL Search Domain Scan URL

URL: https://tech.informa.com/privacy-policy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://tech.informa.com/terms-and-conditions
Title: Terms

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuN9yXMSTqgwHv0F_BJx9tUwtHTp3qbfbK3-ZecZQKv2jNvvZ4hto8UZW4zo8BJCNDHCRqGS2qrGUP4IEfcMV7WH_5iGTAnYVLBngcEVZaiHJGVDRPFGyRPBbgWFnqsh3iyJH5ndaXXxiBAYH_hvLBJoQyibC5AuDQL5RTzRbqt0hlQiKWn_6dZ1gvFoadHt5qr5mLmNg30966xqSxXYX8R_aGvti8biib-eT02v7On3mJsarVIgfVT3llYgIPMo3QXYPapkfaSe3WH9vYcdBj7E4LYYrizgDJdy0NqoiBzA4OLpfMQB5Yh7KOd6H-2qOi0m_lRFSTQY46leJRQou2rbgCItFXSCzLY2ra0ebKIVSTIPi55&sai=AMfl-YRmfFzoDfuqYx3pQ8opYRHpCpGv7Jn9AewOmwsJ40Axk8KYSq4rpafDGyon-wBMAlc03Z-NFjbOaCi3oCX8JUnX2bM2ncORJ0g4p3SH8wn6dFlqBthCc_XUh1P0ANA&sig=Cg0ArKJSzI68oMeztgXSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.sophos.com/en-us/products/managed-detection-and-response?cmp=153278&utm_source=awareness&utm_medium=field-sponsored-ads&utm_campaign=2022-11-AMER-USA-Dark-Reading-Threat-Intelligence-TAP-Q3-153278&utm_content=ad-link(banner)

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-60&ms=210&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-60&ms=210&optin=disabled&elq1pcGUID=3C26829D3B1E47B58C6AA5C5051C0EE6

Request Chain 94

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D861105%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fthreat-intelligence%252Febay-users-russian-telekopye-telegram-phishing-bot HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D861105%2526tzOffset%253D-120%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fthreat-intelligence%25252Febay-users-russian-telekopye-telegram-phishing-bot HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=2402797418881220035&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=861105&tzOffset=-120&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot

Request Chain 98

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=2402797418881220035&pixelIndex=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=2402797418881220035&pixelIndex=0&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2402797418881220035&pixelIndex=0&google_gid=CAESEDGuaCx9G7I1o_YIM9j6-4U&google_cver=1

Request Chain 207

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png HTTP 302
https://www.darkreading.com/404

273 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ebay-users-russian-telekopye-telegram-phishing-bot Show response
www.darkreading.com/threat-intelligence/ 477 KB
73 KB 803ms
759ms Document
text/html 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92cb5a6a74d10d7aec19253d6e85d0e41838417e0f72021917dc950737f0b027

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fc04bf09dc24dcd-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 25 Aug 2023 02:10:06 GMT
server: cloudflare
vary: Accept-Encoding, Origin
x-proxy-by: https://www.darkreading.com

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 47ms
21ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 55778
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3126707b-901e-017e-65e1-5a017c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bf58e32920e-FRA
expires: Sat, 26 Aug 2023 02:10:06 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 45ms
19ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: X1C0PY0lSDg1JSpsyFxfYA==
age: 35240
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6837
x-ms-lease-status: unlocked
last-modified: Wed, 23 Aug 2023 03:26:30 GMT
server: cloudflare
etag: 0x8DBA388BDFFAADC
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3ecb945a-b01e-0048-37fa-d524b4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bf58e34920e-FRA

GET
H2 200 adsensebase.js Show response
beta.darkreading.com/js/prebid-ads/ad_utils/ 24 B
172 B 390ms
371ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads/ad_utils/adsensebase.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 11:11:45 GMT
server: cloudflare
etag: W/"18-189cfb22168"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 7fc04bf589704dcd-FRA
content-length: 24
expires: Fri, 25 Aug 2023 04:10:06 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 50ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9018943a1eabee4bcc9243110242c787c2baa6ef113597eccadc0157af070cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28722
x-xss-protection: 0
server: cafe
etag: 137 / 19594 / 31077296 / config-hash: 11948005394286062217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:06 GMT

GET
H2 200 a9499c2835cbb6e5.css
beta.darkreading.com/_next/static/css/ 410 KB
60 KB 43ms
24ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/a9499c2835cbb6e5.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6385276858ff10f341ffcee98ab1377dc9462fa771873a6aa2798f954ed79432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 11:14:02 GMT
server: cloudflare
age: 1326975
etag: W/"6664f-189cfb43890"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf5896e4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 webpack-2f46f2a0905b37fb.js Show response
beta.darkreading.com/_next/static/chunks/ 4 KB
2 KB 18ms
18ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-2f46f2a0905b37fb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3e4e745f23b97d4279ece0602fa507729dfc0b7350deea0d953370abf41eafd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 10:14:25 GMT
server: cloudflare
age: 3077264
etag: W/"ef3-18972cb2be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf619d24dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 framework-70134ee1270fb32c.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 22ms
22ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework-70134ee1270fb32c.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963304
etag: W/"1fec8-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf639ec4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 main-9bc1cfd325d1370f.js Show response
beta.darkreading.com/_next/static/chunks/ 111 KB
30 KB 22ms
22ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-9bc1cfd325d1370f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963303
etag: W/"1bd10-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf66a054dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 _app-8a20e808c30a0f3a.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 497 KB
158 KB 28ms
28ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-8a20e808c30a0f3a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced4850c7787d0a3db0508f45997c2721376600c75d1f6968a56993e4ee15913

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 10:14:25 GMT
server: cloudflare
age: 3077264
etag: W/"7c424-18972cb2be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf69a1d4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 af537566-88286964f7a0b5d1.js Show response
beta.darkreading.com/_next/static/chunks/ 269 KB
80 KB 24ms
24ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/af537566-88286964f7a0b5d1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 10:14:25 GMT
server: cloudflare
age: 2521775
etag: W/"43344-18972cb2be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf6da544dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 80f08544-c91db5296fc68d77.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
19 KB 19ms
19ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/80f08544-c91db5296fc68d77.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963303
etag: W/"11e1b-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf71a744dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 265-2f47a5945553d0a6.js Show response
beta.darkreading.com/_next/static/chunks/ 49 KB
17 KB 17ms
17ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/265-2f47a5945553d0a6.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963302
etag: W/"c216-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf73a7f4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 106-6e732169920a1a66.js Show response
beta.darkreading.com/_next/static/chunks/ 8 KB
3 KB 16ms
16ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/106-6e732169920a1a66.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963302
etag: W/"1eec-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf75a8d4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 330-44b99de39ae2ad82.js Show response
beta.darkreading.com/_next/static/chunks/ 91 KB
29 KB 21ms
21ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/330-44b99de39ae2ad82.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963302
etag: W/"16df9-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf77a9e4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 410-87a058ee18a2e683.js Show response
beta.darkreading.com/_next/static/chunks/ 179 KB
52 KB 20ms
20ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/410-87a058ee18a2e683.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963302
etag: W/"2cbc2-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf79ac24dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 644-10fece11b4038bdb.js Show response
beta.darkreading.com/_next/static/chunks/ 18 KB
7 KB 21ms
21ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/644-10fece11b4038bdb.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963302
cf-polished: origSize=18434
etag: W/"4802-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7cad84dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 727-cb4d0a5251be82c9.js Show response
beta.darkreading.com/_next/static/chunks/ 7 KB
2 KB 15ms
15ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/727-cb4d0a5251be82c9.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963301
etag: W/"1ad3-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7dae64dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 353-c5fb30de1cdcd743.js Show response
beta.darkreading.com/_next/static/chunks/ 115 KB
28 KB 28ms
26ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/353-c5fb30de1cdcd743.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963301
cf-polished: origSize=117839
etag: W/"1cc4f-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7eaee4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 314-d27066328fe72a2d.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 25ms
23ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/314-d27066328fe72a2d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963301
etag: W/"20a76-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7eaef4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 274-e20cb371d1281709.js Show response
beta.darkreading.com/_next/static/chunks/ 135 KB
43 KB 22ms
20ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/274-e20cb371d1281709.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963301
etag: W/"21d94-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7eaf04dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 244-ff3831dc21292b31.js Show response
beta.darkreading.com/_next/static/chunks/ 53 KB
14 KB 21ms
19ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/244-ff3831dc21292b31.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963300
etag: W/"d4e2-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7eaf14dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 497-fa357226024fe273.js Show response
beta.darkreading.com/_next/static/chunks/ 17 KB
6 KB 19ms
17ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/497-fa357226024fe273.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 05d30a88a22e25d81e8ef36973a231bb61672e045451d6c26be53c714a01f13b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 10:14:25 GMT
server: cloudflare
age: 3077264
etag: W/"4455-18972cb2be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7eaf24dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 411-d3fb60788f626717.js Show response
beta.darkreading.com/_next/static/chunks/ 14 KB
3 KB 17ms
17ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/411-d3fb60788f626717.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963300
etag: W/"399e-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf7faf34dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 424-bc7821fc899b94c1.js Show response
beta.darkreading.com/_next/static/chunks/ 80 KB
15 KB 27ms
14ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/424-bc7821fc899b94c1.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cde0ba6abad1fe30f3a310048c2294b25e8cb560ab5a68902b146ad228bf9bfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 20 Jul 2023 10:14:25 GMT
server: cloudflare
age: 3077264
etag: W/"141d1-18972cb2be8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf81b0d4dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 %5BhybidPage%5D-f6822043d08df330.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 37 KB
11 KB 34ms
22ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-f6822043d08df330.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963300
etag: W/"93f1-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf82b144dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/ 3 KB
1 KB 30ms
18ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e77656e983d0c5c4cfdb2c23f000338bc9310021e1b97d4fba74af370e1ae280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 11:14:02 GMT
server: cloudflare
age: 1521763
etag: W/"c10-189cfb43890"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf82b154dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/ 91 B
165 B 19ms
16ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 11:14:14 GMT
server: cloudflare
age: 1520828
etag: W/"5b-189cfb46770"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf82b174dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 _middlewareManifest.js Show response
beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/ 92 B
170 B 17ms
14ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/DtMCWEzwsufPhRPwsY8P6/_middlewareManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 07 Aug 2023 11:14:14 GMT
server: cloudflare
age: 1520828
etag: W/"5c-189cfb46770"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf82b184dcd-FRA
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 mammothhunt-North_Wind_Picture_Archives-alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt64f7f0e1f9a89013/637d57750ccc3b0efc77af8d/ 127 KB
128 KB 43ms
7ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt64f7f0e1f9a89013/637d57750ccc3b0efc77af8d/mammothhunt-North_Wind_Picture_Archives-alamy.jpg?quality=80&format=webply&width=690

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b59201919b40adedf497e032d9f45a4385fe10f07755c8926192f9c6d59d89fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 688241
x-cache: HIT, HIT
fastly-io-info: ifsz=1140642 idim=1200x797 ifmt=jpeg ofsz=130250 odim=690x458 ofmt=webp
filename1: custom
content-disposition: inline; filename=mammothhunt-North_Wind_Picture_Archives-alamy.webp
fastly-stats: io=1
content-length: 130250
x-request-id: e61bfe955a27c8dc562025e146bab9f8
x-served-by: cache-ams21076-AMS, cache-fra-eddf8230032-FRA
x-runtime: 109ms
server: contentstack
x-timer: S1692929407.744103,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "l3SKQlCFi0E1dfTvN/X1CuyDxZW2e/ENc33bWbj1cSY"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 43ms
29ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 29540
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bf5ec5c35e4-FRA
expires: Sat, 26 Aug 2023 02:10:06 GMT

GET
H2 200 S7aMS9Eu5u1qZduDuF-m167J44KKHyfQC_QT_wjOfV618cEu8R-YoOyWjmKxrDB3wzTWAibTJ9ibeNgyK3nsO1RMsepgugLFT1_YtUHzPopAbN5d6BWVjoEb9NgKMdRpUBT-ZBQKqCPL0ZW331lf6uY
lh3.googleusercontent.com/ 56 KB
56 KB 202ms
166ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/S7aMS9Eu5u1qZduDuF-m167J44KKHyfQC_QT_wjOfV618cEu8R-YoOyWjmKxrDB3wzTWAibTJ9ibeNgyK3nsO1RMsepgugLFT1_YtUHzPopAbN5d6BWVjoEb9NgKMdRpUBT-ZBQKqCPL0ZW331lf6uY

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7d088391c46d36f7145e754bd398129f1c1f88f1e24b81e0e1ac83516e2fdcb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="pasted image 0.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57091
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sat, 26 Aug 2023 02:10:06 GMT

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 47ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1111d"
vary: Accept-Encoding
x-hw: 1692929406.dop254.fr8.t,1692929406.cds106.fr8.hn,1692929406.cds274.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 24038

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ 20 KB
7 KB 29ms
12ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6228237
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6458
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-500f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=542eIGNNKzfMMf7OS%2Fv9ThciC4Oh3xlVgnamWe4Jn1eOBs49wOt6pAIvM38JcZgl381ugsYVLvfjF0aSaNfYcvVUIfSr51mA6RC0wVKd4JzdreO480kP0qfWa8E%2Bz44y7bsJP9AoQDApAwuxqvulD5r8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fc04bf8089591d5-FRA
expires: Wed, 14 Aug 2024 02:10:06 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ 49 KB
15 KB 37ms
15ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 565, 718, 718
age: 17707884
cdn-cachedat: 2021-06-08 18:02:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
server: cloudflare
cdn-requestpullcode: 200
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a9c552a6ef500abddb12a9852509d4ed
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 7fc04bf84fdf3a5e-FRA
cdn-requestpullsuccess: True

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 20ms
18ms Image
image/png 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 718295
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: c4db1c54ea4f1721378f4b91bb375119
x-served-by: cache-ams12733-AMS, cache-fra-eddf8230032-FRA
x-runtime: 100ms
server: contentstack
x-timer: S1692929407.746810,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "htAIuhYFkrfIh4ebFQV7Cvox1lpZVE4TYTsz3tU6djI"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 61ms
42ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fc04bf84b794d38-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 90ms
73ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 7fc04bf62edabb61-FRA
access-control-allow-headers: Content-Type

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 19ms
18ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 76442
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 526a626c-301e-007c-66e1-5a45d3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bf7ef62920e-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 305 KB
89 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa7bd280bd6efd2461f03c075e72feae0dce61bf1264d6ef7416c2ddfddcfde2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 90809
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Aug 2023 02:10:06 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ 403 KB
127 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 11:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52148
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129871
x-xss-protection: 0
server: cafe
etag: 10423821264569162327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 23 Aug 2024 11:40:58 GMT

GET
DATA 200
OK truncated
/ 78 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pdf.fd517ede.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 17ms
15ms Image
image/png 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.fd517ede.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/a9499c2835cbb6e5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/a9499c2835cbb6e5.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:06 GMT
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Mon, 07 Aug 2023 11:14:02 GMT
server: cloudflare
age: 1326973
cf-polished: origSize=11781
etag: W/"2e05-189cfb43890"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fc04bf83b224dcd-FRA
content-length: 8484
expires: Sat, 24 Aug 2024 02:10:06 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v20/ 20 KB
20 KB 34ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 15:06:43 GMT
x-content-type-options: nosniff
age: 471803
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20268
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:19:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 15:06:43 GMT

GET
H2 200 4UaMrEtFpBISdk6h0DfM5aXJ.woff2
fonts.gstatic.com/s/exo/v20/ 22 KB
22 KB 38ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v20/4UaMrEtFpBISdk6h0DfM5aXJ.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62d109f5609e0ace3cfe98efa8b6a5714c85100b2ec5c0ea798acf171aa22f88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:20:27 GMT
x-content-type-options: nosniff
age: 542979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22124
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:22:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 19:20:27 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 24ms
24ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 37368
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 86b120cf-e01e-013e-67e1-5a2892000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bf8de4f35e4-FRA
expires: Sat, 26 Aug 2023 02:10:06 GMT

GET
H2 200 78.c180425dea40d393.js Show response
beta.darkreading.com/_next/static/chunks/ 3 KB
1 KB 19ms
19ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/78.c180425dea40d393.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 05 Jul 2023 11:05:47 GMT
server: cloudflare
age: 3963299
etag: W/"a48-18925bacef8"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 7fc04bf9bc074dcd-FRA
expires: Sat, 24 Aug 2024 02:10:07 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v2.0/ 7 KB
3 KB 43ms
7ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v2.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 10:07:36 GMT
x-amz-version-id: ID.rFhUQG21hU9hnrAlmgiwMuXmUIHpx
content-encoding: br
last-modified: Wed, 15 Feb 2023 16:44:30 GMT
server: AmazonS3
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"2e8cb32ecd32a154a16f47e5344c4733"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 57752
x-amz-cf-id: ttydfZiyST-2KJoygh_SB5_QzJkQVkHJpq55Lt4ZbKbwACZKrGbtgA==

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
205 B 406ms
405ms Fetch
application/json 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
tracestate: 3288925@nr=0-1-3288925-322548631-0cdc8454139c6aab----1692929407043
traceparent: 00-331aabed2d461b0df6197be5e007b000-0cdc8454139c6aab-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiMGNkYzg0NTQxMzljNmFhYiIsInRyIjoiMzMxYWFiZWQyZDQ2MWIwZGY2MTk3YmU1ZTAwN2IwMDAiLCJ0aSI6MTY5MjkyOTQwNzA0M319

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7fc04bfa0c484dcd-FRA
content-length: 2

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
364 B 159ms
158ms Fetch
application/json 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
tracestate: 3288925@nr=0-1-3288925-322548631-553cc2a4b2d6d384----1692929407044
traceparent: 00-2871dc7279b9553b396da408b8191d00-553cc2a4b2d6d384-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiNTUzY2MyYTRiMmQ2ZDM4NCIsInRyIjoiMjg3MWRjNzI3OWI5NTUzYjM5NmRhNDA4YjgxOTFkMDAiLCJ0aSI6MTY5MjkyOTQwNzA0NH19

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 7fc04bfa0c494dcd-FRA
content-length: 2

GET
H2 200 Dark_Reading_Logo_0_200px.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/64b846c01f8b362bec907cc2/ 3 KB
2 KB 9ms
7ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt4ff4a7f9bc8e31f7/64b846c01f8b362bec907cc2/Dark_Reading_Logo_0_200px.svg?quality=80&format=webply&width=222

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

aba6df9a9fb95595b972a470f865ee728e078fe9af8f8dfcd7bbf5fa529eefdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 718294
x-cache: MISS, HIT
filename1: custom
content-disposition: inline; filename=Dark_Reading_Logo_0_200px.svg+xml
fastly-stats: io=1
content-length: 1438
x-request-id: c9753ec4a12aab04aeb5236948ac3d24
x-served-by: cache-ams12741-AMS, cache-fra-eddf8230032-FRA
x-runtime: 78ms
server: contentstack
x-timer: S1692929407.047802,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 Article.svg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/ 3 KB
1 KB 9ms
8ms Image
image/svg+xml 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt27dca7fd9a7ec07d/60da98a6537dbc26a0e2a2d3/Article.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
age: 718299
x-cache: MISS, HIT
content-disposition: inline; filename=Article.svg
fastly-stats: io=1
content-length: 1177
x-request-id: 83e607e405266824c431215d73c10fbb
x-served-by: cache-ams21065-AMS, cache-fra-eddf8230032-FRA
x-runtime: 120ms
server: contentstack
x-timer: S1692929407.047785,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/ 3 KB
4 KB 10ms
9ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt91e5f91ce3f0cdd9/63d0288ac98dbe55ece1d0a9/Nate-Nelson_(1).jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 718282
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: c3f95d9370e798160d7bdf14014890fe
x-served-by: cache-ams21023-AMS, cache-fra-eddf8230032-FRA
x-runtime: 100ms
server: contentstack
x-timer: S1692929407.047885,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 22, 1

GET
H2 200 defnder_monticello_shutterstock.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt98f44de22510187a/64d3d2ba9ad8e19301fd00dd/ 1 KB
2 KB 11ms
10ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt98f44de22510187a/64d3d2ba9ad8e19301fd00dd/defnder_monticello_shutterstock.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

15f5cea00dd2b3f547cad4e67f478474a9ce7bd89959f482b655cdff2fbb356d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 262324
x-cache: HIT, HIT
fastly-io-info: ifsz=395396 idim=1000x562 ifmt=jpeg ofsz=1274 odim=100x56 ofmt=webp
filename1: custom
content-disposition: inline; filename=defnder_monticello_shutterstock.webp
fastly-stats: io=1
content-length: 1274
x-request-id: adde63e2daaa6c6be232c6243c582892
x-served-by: cache-ams21038-AMS, cache-fra-eddf8230032-FRA
x-runtime: 178ms
server: contentstack
x-timer: S1692929407.047966,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "Owkw5/8cSU0tkM09k90j2Da5RqmxP3Wws1otRxpj8EM"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 29, 1

GET
H2 200 CPU-ronstik-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf5812fa15d9b6045/64d3dc810eca526f9b52ba11/ 3 KB
3 KB 11ms
9ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf5812fa15d9b6045/64d3dc810eca526f9b52ba11/CPU-ronstik-Alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

aec960428cdcac5bd30f8d1223dd9e91e87efc13beb5d15cdc77c1bb851d3dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 718294
x-cache: MISS, HIT
fastly-io-info: ifsz=2749039 idim=6298x4198 ifmt=jpeg ofsz=2722 odim=100x67 ofmt=webp
filename1: custom
content-disposition: inline; filename=CPU-ronstik-Alamy.webp
fastly-stats: io=1
content-length: 2722
x-request-id: 269fb0ef22936c225b7b430803c37b7e
x-served-by: cache-ams12760-AMS, cache-fra-eddf8230032-FRA
x-runtime: 123ms
server: contentstack
x-timer: S1692929407.048188,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "/wFOiNFwgyU22vPocqKOm90urGLueVBp1O8K6Mp9aR4"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 glacier-climate-byvalet-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt5cc473210967b67a/64d3f5316d7e8047a848c029/ 2 KB
3 KB 9ms
8ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt5cc473210967b67a/64d3f5316d7e8047a848c029/glacier-climate-byvalet-Alamy.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

cef42ed454fbe16b0cb3244ac836ec077602f770c0777c669351ca801c218e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 718293
x-cache: HIT, HIT
fastly-io-info: ifsz=2111138 idim=4288x2848 ifmt=jpeg ofsz=2466 odim=100x66 ofmt=webp
filename1: custom
content-disposition: inline; filename=glacier-climate-byvalet-Alamy.webp
fastly-stats: io=1
content-length: 2466
x-request-id: 6a56ce80a8e6328e9e76f4630d5b0081
x-served-by: cache-ams21055-AMS, cache-fra-eddf8230032-FRA
x-runtime: 123ms
server: contentstack
x-timer: S1692929407.048186,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "WZ4GfsJnScXkfLy0RZ4oMSr1qRd/eStnx6B91UqtfK0"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1553, 1

GET
H2 200 softwaredevelopment_CarloscastillaAlamyStockPhoto.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt16c248e497646675/648a186ceacca833112ac827/ 3 KB
3 KB 11ms
10ms Image
image/webp 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt16c248e497646675/648a186ceacca833112ac827/softwaredevelopment_CarloscastillaAlamyStockPhoto.jpg?quality=80&format=webply&width=100

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c9d847b693e7d2db02020682f5eaa7754143ae9e9ca2e3e9541ef9b7f56d4534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
age: 718294
x-cache: MISS, HIT
fastly-io-info: ifsz=94737 idim=840x480 ifmt=jpeg ofsz=2700 odim=100x57 ofmt=webp
filename1: custom
content-disposition: inline; filename=softwaredevelopment_CarloscastillaAlamyStockPhoto.webp
fastly-stats: io=1
content-length: 2700
x-request-id: 083e0ce4be9fb7b55c79febd4a061b53
x-served-by: cache-ams21053-AMS, cache-fra-eddf8230032-FRA
x-runtime: 184ms
server: contentstack
x-timer: S1692929407.048440,VS0,VE4
x-contentstack-organization: blt5948195ac13977b0
etag: "KDilUqLGzPZjyRpuEJaR4QNeolVrxLYvKA6SwpI2jnE"
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 0, 1

GET
H2 200 image
www.darkreading.com/_next/ 654 B
919 B 117ms
116ms Image
image/webp 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/_next/image?url=https%3A%2F%2Fbeta.darkreading.com%2F_next%2Fstatic%2Fmedia%2Firibbon-logo.fed34d59.png&w=96&q=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; sandbox;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-security-policy: script-src 'none'; sandbox;
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: qza4NW1Lfj41kbFhQn5vsYUSoszIp4f4zAMpTPLzBHg=
vary: Accept, Origin, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000, must-revalidate
content-disposition: inline; filename="iribbon-logo.webp"
cf-ray: 7fc04bfa0c4c4dcd-FRA

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 124 KB
48 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-W6LRXN3

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

72f941a30af256bb9474f28d6a92af6a67d9d177f530c0307a3c9fda73e05c56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48986
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Aug 2023 02:10:07 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 478 B
730 B 53ms
23ms Script
application/javascript 2606:4700::6812:b96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:b96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 4147
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 7fc04bfadbc61c0b-FRA

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 51ms
15ms Script
application/x-javascript 184.25.216.9
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

184.25.216.9 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-25-216-9.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Date: Fri, 25 Aug 2023 02:10:07 GMT
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Mon, 17 Jul 2023 19:34:32 GMT
ETag: "2d8b19b6e5b8d91:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 25 Aug 2023 02:10:07 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 747 KB
62 KB 85ms
8ms Script
application/x-javascript 13.32.99.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-47.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Thu, 24 Aug 2023 22:35:44 GMT
Content-Encoding: gzip
Via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
Last-Modified: Thu, 29 Sep 2022 16:23:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P3
Age: 22979
ETag: "4c2c9bc43f06a59cee56d3211f043fa3"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 63462
X-Amz-Cf-Id: fjmd2GlVNOq_4MTLLqaw8ZD15Dnc4clZRZSBiIflzhWBUzwjxzl7zw==

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 85ms
33ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 25 Aug 2023 02:10:07 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 14 KB
6 KB 33ms
8ms Script
application/javascript 18.66.97.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-10.fra56.r.cloudfront.net

Software

Resource Hash

33aeb8aa4c8ccd807fd757b925e11b25d2327a99e17f4500c475dd8495889672

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:09:39 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4d0ae7ca3bb5e2d6eaa1450e1906adb4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 28
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/18d095013e6bbff8bda72697158872dd
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: 4FTKryiAkOZ09KmcWQ_d54-5GHamcrRhmnBwDJzwTpAyePpY0isSgw==

GET
H2 200 adobe-target.js Show response
beta.darkreading.com/js/third-party/ 191 KB
42 KB 640ms
640ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/third-party/adobe-target.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 11:11:45 GMT
server: cloudflare
etag: W/"2fa26-189cfb22168"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 7fc04bfaaca64dcd-FRA
expires: Fri, 25 Aug 2023 04:10:07 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 25 Aug 2023 01:49:43 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1224
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 25 Aug 2023 03:49:43 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 71ms
7ms Script
application/x-javascript 2600:9000:2057:6c00:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6c00:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 17:21:11 GMT
content-encoding: gzip
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 31736
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: PDcY8fkud6ZIABNATHeUS_WhJmhdTkc_3-xC2k1tXZZ4O_TLlV181A==
expires: Fri, 25 Aug 2023 17:21:11 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 7ms
7ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1ce70c645f6b6846f8672e45bcd296846e0ba2e56add026bfdda616c11646e24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 10:07:36 GMT
x-amz-version-id: Nk5xAiIQbZ4ovEWv8ClX7DT7833POvUB
content-encoding: br
last-modified: Mon, 14 Aug 2023 15:23:30 GMT
server: AmazonS3
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"ad3cff3f163cf6a23fb2557083f7b574"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 57752
x-amz-cf-id: wPclIhoL9q-KIhJl5EmSxSEQ3SY91u0QP8zXzesAzOF9kZczGfpbxw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
87 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b89c9083f4d3f663f120a0922b278de4522e4237e6e1414bc78ae1c78f93b4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 25 Aug 2023 02:10:07 GMT

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 19ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 40855
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bfadf7735e4-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 26ms
25ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 40855
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 82d0c884-001e-00f7-54e1-5afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bfadf7935e4-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 17ms
17ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 40855
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 372018e9-a01e-001f-18e1-5a03f6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fc04bfadf7a35e4-FRA

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 153ms
135ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 7hC1pWRa5rdAxTmH3bdwj9QIlbIAYLz9iTkqa5FARxKrvGAMLMp7QA==

GET
H2 200 modules.14b820ab47d618317075.js Show response
script.hotjar.com/ 223 KB
55 KB 54ms
8ms Script
application/javascript 52.222.236.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.14b820ab47d618317075.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-74.fra56.r.cloudfront.net

Software

Resource Hash

55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 09:22:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 146881
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55646
last-modified: Wed, 23 Aug 2023 09:21:33 GMT
etag: "acd31f178f50b6cbf2246edb86e5753a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: QRS56vz_LQ5Evacsdun6gs-Q9iWNYQnT4dI7I7XFTpnvnyfTIvjIlA==

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
491 B 138ms
137ms Fetch
binary/octet-stream 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: 6B8tI02Fs27NmxUSBIsfelNpQVl6Nq-SKWYgenszsZYCTplv2yZ0LQ==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 7ms
7ms Script
application/javascript 13.32.99.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-66.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
date: Thu, 24 Aug 2023 20:42:20 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 19668
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: pHU0l0u7JT0fxtKIXUAq3I9CFccUn3saJFOtaKZSvJuiMRfLIYp2IQ==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
20 KB 46ms
9ms Script
application/javascript 13.32.99.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-18.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 12 May 2023 01:36:21 GMT
Content-Encoding: gzip
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
Age: 9074027
X-Amz-Cf-Pop: FRA60-P3
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: 1Q_G1df6SF44FBuVWUrvadQmQ_GM88Cxem85ZdLXvqyb2ZKLvRIrDw==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 32ms
6ms Script
application/javascript 108.138.17.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 12 May 2023 18:23:37 GMT
content-encoding: gzip
via: 1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P7
age: 9013591
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: -I5x_m8JV2fWMbPw7_xN5p9NmBWMd2dOEXm7wbx-f3IvrW898TSkaw==

GET
H/1.1

200
OK

svrGP
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-6...
https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-6...

49 B
504 B

195ms
195ms

Image
image/gif

192.29.69.231
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-60&ms=210&optin=disabled&elq1pcGUID=3C26829D3B1E47B58C6AA5C5051C0EE6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

HTTP/1.1

Server

192.29.69.231 Toronto, Canada, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:07 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:06 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ref2=elqNone&tzo=-60&ms=210&optin=disabled&elq1pcGUID=3C26829D3B1E47B58C6AA5C5051C0EE6
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 409
X-Xss-Protection: 1; mode=block
Expires: -1

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 18ms
18ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 31789
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: b3e3f85e-601e-00e7-74e1-5ac8eb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7fc04bfb9911920e-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 26ms
25ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 25275
x-ms-lease-status: unlocked
last-modified: Thu, 24 Aug 2023 03:26:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 2b6086b3-901e-002d-50b5-d68af0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 7fc04bfb9912920e-FRA

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 17ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=129594993&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&dp=%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ul=en-us&de=UTF-8&dt=eBay%20Users%20Beware%20Russian%20%27Telekopye%27%20Telegram%20Phishing%20Bot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEABRAAAACACI~&jid=1919561483&gjid=1507430999&cid=1183755547.1692929407&tid=UA-135180592-2&_gid=2035785418.1692929407&_r=1&_slc=1&gtm=45He38n0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Aug%2024%2C%202023&cd6=threat-intelligence&cd9=application-security%2Cvulnerabilities-threats&cd10=0&cd16=blt0083b144a7d29b9c&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20127&z=468977165

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 46ms
25ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je38n0&_p=129594993&_gaz=1&cid=1183755547.1692929407&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692929407&sct=1&seg=0&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&dt=eBay%20Users%20Beware%20Russian%20%27Telekopye%27%20Telegram%20Phishing%20Bot&en=page_view&_fv=1&_ss=1&ep.content_type=article&ep.content_contributor=nate%20nelson&ep.content_publish_date=Aug%2024%2C%202023&ep.content_main_topic=threat-intelligence&ep.content_id=blt0083b144a7d29b9c&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_sponsor=&ep.content_label=News&ep.content_additional_topics=application-security%2Cvulnerabilities-threats&ep.gtm_container_detail=SCM%7C1.5%7C127&ep.content_topic_real_text=Threat%20Intelligence&ep.content_read_time=3&ep.content_topic-real_text=Threat%20Intelligence
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 51ms
17ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=1183755547.1692929407&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 39ms
17ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=1183755547.1692929407&gtm=45je38n0&aip=1&z=843158070

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
352 B 44ms
16ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-135180592-2&cid=1183755547.1692929407&jid=1919561483&gjid=1507430999&_gid=2035785418.1692929407&_u=aGBACEAARAAAACACI~&z=1405944304

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 25 Aug 2023 02:10:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 175ms
123ms Preflight 2606:4700::6812:6d2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6d2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 7fc04bfccc78366d-FRA
content-length: 0
date: Fri, 25 Aug 2023 02:10:07 GMT
server: cloudflare

POST
H2 200 ed0 Show response
c.darkreading.com/com.iiris/ 2 B
295 B 124ms
123ms XHR
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 7fc04bfd8eaa4dcd-FRA
content-length: 2

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 319ms
100ms Image
image/gif 3.210.135.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&u=K0gRYD-EQLJC6zkqj&d=darkreading.com&g=53678&g0=threat-intelligence&g1=nate%20nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3984&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&b=1953&t=DwTZ9mBxqji9DBz8ocCTwB-2CyiNuN&V=141&i=eBay%20Users%20Beware%20Russian%20%27Telekopye%27%20Telegram%20Phishing%20Bot&tz=-120&sn=1&sv=BEIJFbCtbO-PD4-JTjCP2EodBNs4IM&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.210.135.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-135-174.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/ 209 KB
65 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66086
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Aug 2024 01:22:35 GMT

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 33ms
7ms Preflight 3.65.152.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1692929407465

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.152.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-152-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
478 B 20ms
7ms Fetch
application/json 3.65.152.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1692929407465

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.65.152.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-65-152-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H2 204 2610568 Show response
vc.hotjar.io/sessions/ 0
258 B 96ms
52ms XHR
text/plain 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/2610568?s=0.25&r=0.09910766102532342
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-110.fra56.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
via: 1.1 342054511f9732c450e11bade76323dc.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: X0dfjVsl_ReHN0g2KChCvHu6IopWC-Kz43mQXHCA2BF-D9kEoDtXCg==

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&zn%3D%26sn%3D%26q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D861105%26tzOffset%3D-120%26url%3Dhttps%253A%252F%252Fww...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26zn%253D%2526sn%253D%2526q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=2402797418881220035&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=861105&tzOffset=-120&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-...

257 B
1006 B

423ms
95ms

Script
text/javascript

54.159.165.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=2402797418881220035&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=861105&tzOffset=-120&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Server: 54.159.165.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-165-205.compute-1.amazonaws.com
Software: /
Resource Hash: bf9f864b3c9417c83c4d67283d03fc9f4f6b2e3ddee5ef3f9c26bd199f4003a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 227
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
an-x-request-uuid: bb95b4f1-c58a-4bf2-bb73-a862705b1962
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://a.dpmsrv.com/dpmpxl/index.php?id=2402797418881220035&zn=&sn=&q=xImp&v=1.x&cl=55&pixelIndex=0&r=861105&tzOffset=-120&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot
x-proxy-origin: 138.199.38.132; 138.199.38.132; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 75ms
18ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135180592-2&cid=1183755547.1692929407&jid=1919561483&_u=aGBACEAARAAAACACI~&z=1501299622

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 42ms
41ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-135180592-2&cid=1183755547.1692929407&jid=1919561483&_u=aGBACEAARAAAACACI~&z=1501299622

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 delivery Show response
iirexhibitionslimite.tt.omtrdc.net/rest/v1/ 296 B
811 B 125ms
40ms XHR
application/json 66.235.152.152
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL

https://iirexhibitionslimite.tt.omtrdc.net/rest/v1/delivery?client=iirexhibitionslimite&sessionId=8ce3629b1d274d02bf4de7cafbd4917b&version=2.8.1

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.152.152 , United States, ASN15224 (OMNITURE, US),

Reverse DNS

ip-66-235-152-152.data.adobedc.net

Software

jag /

Resource Hash

821df27095f50de71ad33ed457d7b74bb8327b31701b7e36933370a3194017db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 25 Aug 2023 02:10:07 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List
server: jag
x-content-type-options: nosniff
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 1; mode=block
x-request-id: b161347a-bc4f-4058-adba-bb5813f60477

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=2402797418881220035&pixelIndex=0
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=2402797418881220035&pixelIndex=0&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2402797418881220035&pixelIndex=0&google_gid=CAESEDGuaCx9G7I1o_YIM9j6-4U&google_cver=1

0
598 B

95ms
95ms

Script
text/javascript

54.159.165.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2402797418881220035&pixelIndex=0&google_gid=CAESEDGuaCx9G7I1o_YIM9j6-4U&google_cver=1
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Server: 54.159.165.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-159-165-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:08 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=2402797418881220035&pixelIndex=0&google_gid=CAESEDGuaCx9G7I1o_YIM9j6-4U&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 348
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
98 B 48ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=2402797418881220035
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
3 KB 29ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160HEFG7EFECRX2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2851
x-amz-id-2: 0eBKUdrxS14x6LgkTPCmMEB3l0LE6ZMWjtAG9L6qQRKf2HwTDauZumZ0lO0xzHb91rsrxkWwK2Y=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929408.268761,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 152

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
6 KB 30ms
7ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding: br
via: 1.1 varnish
date: Fri, 25 Aug 2023 02:10:08 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2GTWHESMXE2S4H4J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5507
x-amz-id-2: nLBsGDQcGExwI+UkPGkpQBUVNS0b/DFDgLAQZfJmQyr8CFP8PwHdtWTTLlD6GaxD+RjwJy+Stpk=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929408.268857,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 122

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 30ms
8ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16A1FCNY83AK894
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1387
x-amz-id-2: upYMIkDsSKQm716sJRiAZiA1Gcm46rhBIW9aR4KcluiHUzwt5sYZ1qhtDXdlsCvnTJifqO5cU7qsZcXYYhk3cw==
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929408.268931,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 141

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
15 KB 53ms
52ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408421&lmt=1692922208&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=0x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=2734278250&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf0c9e96d42b8f925c3efed592638eb80ec787fdf822afc6267c76527a6cc012

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14947
x-xss-protection: 0
google-lineitem-id: 6358972703
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138443124438
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
310 B 51ms
51ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408435&lmt=1692922208&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=0x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=2045221590&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54b202388597293d84e28a9534ed82dd4d180ec2d715d1fd9abb3f3615fa463e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 44ms
44ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1692929408450&lmt=1692922208&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=0x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=4210692985&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa9dcfbee8d3442fc6d2a1aa666a4c4d11219d88d7be1ed19811a1ce8a28ff90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5608
x-xss-protection: 0
google-lineitem-id: 6140421032
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413419007
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
310 B 56ms
56ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1692929408455&lmt=1692922208&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=0x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=3062113682&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e54192a6793e65218e35bf9dae67dda00793dea0507b93c11fc3eaf412225c03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
307 B 46ms
46ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408461&lmt=1692922208&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=0x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=1007812694&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2129fef407f232eea071e42313c7fd01030b3fc09854677a42949798b65293bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 278
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 573 B
308 B 51ms
51ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408466&lmt=1692922208&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=1600x4007&msz=7x0&fws=132&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=2857532071&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2623da68a8260d76a3fe78578ba3f96342ea1c1b4e5bf05f15bcdd3d4e1f822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 279
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 81ms
81ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408472&lmt=1692922208&adxs=315&adys=126&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=984x0&msz=970x0&fws=4&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=1448016527&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e381ff9be95839ab9f6e0c2a216cf07fba511a408833deb134c309f7149c684

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16567
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138409377623
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 71ms
71ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408478&lmt=1692922208&adxs=308&adys=1014&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=646x1801&msz=646x0&fws=4&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=1784645127&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c3089793b0b3f53b9dbf81f596bcb1fe538686b600959b7e05aeb944c56c028

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12023
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 65ms
65ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408483&lmt=1692922208&adxs=654&adys=1118&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=3594706956&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d917638a6ea98eb321e6c62b63e6d76a1d1a5bf8e230f83b32dc54f4ecb8ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16700
x-xss-protection: 0
google-lineitem-id: 6343976295
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138441419009
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 31 KB
13 KB 74ms
73ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408489&lmt=1692922208&adxs=988&adys=206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=477946330&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f11605d2a59c8a289018cab603080a47f1d5d46373eb1702584a2aa8e01cea1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13271
x-xss-protection: 0
google-lineitem-id: 6140421032
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138368021044
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 67ms
67ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=118634925123366&correlator=189888006992018&eid=31076475%2C31077253%2C31077296%2C31068366%2C31070233&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=11&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1692929408493&lmt=1692922208&adxs=988&adys=206&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&bz=1&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&vis=1&psz=308x0&msz=300x0&fws=4&ohw=1600&ga_vid=1183755547.1692929407&ga_sid=1692929408&ga_hid=129594993&ga_fc=true&dlt=1692929406296&idt=774&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt0083b144a7d29b9c%26aid%3D606971%26reg%3Danonymous&adks=1406321409&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cc9703f8d66c26c64e8ce6557012353adf1ce29a935ca3951b4a909b5398a91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16824
x-xss-protection: 0
google-lineitem-id: 6140421032
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413429909
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 184ms
24ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308220101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d4af8b84c14b0d65081429218356184c244068d253bc06e1f7f1fa20e726e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11838
x-xss-protection: 0

GET
H2 200 container.html Show response
e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7035 6 KB
3 KB 54ms
16ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 02:10:08 GMT
expires: Sat, 24 Aug 2024 02:10:08 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
160 B 15ms
14ms XHR
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: VwQPWV9RDRACUVdUDwYAVVc=
tracestate: 3288925@nr=0-1-3288925-322548631-1156d3935c910ba3----1692929408530
traceparent: 00-3d606f33d9ee9dd10a1bf9d6cb305000-1156d3935c910ba3-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyODg5MjUiLCJhcCI6IjMyMjU0ODYzMSIsImlkIjoiMTE1NmQzOTM1YzkxMGJhMyIsInRyIjoiM2Q2MDZmMzNkOWVlOWRkMTBhMWJmOWQ2Y2IzMDUwMDAiLCJ0aSI6MTY5MjkyOTQwODUzMH19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fc04c035b584dcd-FRA

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 11ms
6ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
date: Fri, 25 Aug 2023 02:10:08 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16FNAZW59HEFJG0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1085
x-amz-id-2: pkfKdXF0ec9M5wmr/XnuOdiy3sJ9l2J8W0+mV18C4Y/E7ElWkyPmB6Zv+aJ4N+mCS9iq7HMT8b2lg2w+e+nWnw==
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.551080,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 156

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AE4 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVUssJ5w6NWhyqd-6j-kLeno0iBHRFbokQ4pLRQEvh6X9Cm6yWfvxGalT6t_x-Kl4lHVnfa5FA77nY18marmh_gezXdUzQfoyerxXRnUY0-1CgemzGdoPAMDYMhO7PRowKNKm_d6QgixSQ2jGIQSBx2iF8hzr23UJzBeU0xh_LKAAb0KhE5086-MUcZb1OzyRmaUxx9UPMUfSBJ7t_I1Vujd8pI1SMpY-OaZhYgF0Y0-W4UKwEh_pfY4FDisA_ptQLqcJ3XCdmJUe88HX17dfl5WvMR3Lo7H35TG-GQA8a9jT6QpR5Usvs0Ublc2Vbjo-rkfQF9x--4yoqjwTKmfngnWyZL-aYnrfmNKgxxIJVCTDgjxpCE0w-QXA51Z06BQQQdsf5k1ZhRc1uQA&sai=AMfl-YSu-6BV7yGW5LTgOvm9HuMiBgCnqtn7rjBjNJuoe4vKN_HWNDy5iLoYc5gTpBWWIo1HFxlm0vqbqyeQke3sJcFWltyqrX8QnzMp-6cYqTE_tMkx4Agt6U4E8TvAlw&sig=Cg0ArKJSzPkQvBfAcb6fEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 8AE4 16 KB
7 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:38:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1889
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6830
x-xss-protection: 0
last-modified: Wed, 24 May 2023 18:59:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Fri, 25 Aug 2023 02:38:39 GMT

GET
H2 200 jquery-1.11.0.min.js Show response
code.jquery.com/ Frame 8AE4 94 KB
33 KB 12ms
11ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.0.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-1787d"
vary: Accept-Encoding
x-hw: 1692929408.dop254.fr8.t,1692929408.cds106.fr8.hn,1692929408.cds154.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33357

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8AE4 181 KB
57 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 8AE4 327 KB
112 KB 49ms
11ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=129594993&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&dp=%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&ul=en-us&de=UTF-8&dt=eBay%20Users%20Beware%20Russian%20%27Telekopye%27%20Telegram%20Phishing%20Bot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=welcome%20ad%20served&ea=6358972703&el=138443124438&_u=aGDACEABRAAAACACIAC~&jid=&gjid=&cid=1183755547.1692929407&tid=UA-135180592-2&_gid=2035785418.1692929407&gtm=45He38n0n81T52Z3Z3&cg1=article&cg2=News&cg3=Threat%20Intelligence&cd1=article&cd2=nate%20nelson&cd3=&cd4=News&cd5=Aug%2024%2C%202023&cd6=threat-intelligence&cd9=application-security%2Cvulnerabilities-threats&cd10=0&cd16=blt0083b144a7d29b9c&cd17=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&cd18=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&cd20=vanguard%20-%20127&z=624916420

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Aug 2023 08:40:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 62985
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 79423132981870977
tpc.googlesyndication.com/simgad/ 178 KB
178 KB 35ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/79423132981870977?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67a5c5246d878c5d5687d1ff9a986a79fbf00e754d44e5cf24bf0ea8f4aae1b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 21 Aug 2023 10:58:33 GMT
x-content-type-options: nosniff
age: 313895
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 181782
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 20:51:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 20 Aug 2024 10:58:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6FA 0
26 B 45ms
45ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkzo9CvoOjmXf2ceqqHs0jCPrMKUq2tLu4qWi4FgFbmlkMz06-4-kdN2s69ZcOCgChhAzhDnhGfSapOckxnMyQHGTMHxPadEG7xaJ_p_amRxMmTyyhSibuqSEclW4JrnpL-7Vvp1VyRLXWXsnBmyQxqi7goGmKfFCU057BU-7Gy26nC3OCI4JTRvYc5QF33fopvmIDJcJ6EZGe9lWi1FOhn64Y1-ASINPzqzdLla2gRgd5_bOhzIIjKfaXsmNalOGTSWX73xEW7DX6ZsXwb69Sc0-7m7BC20Qnx9GC0f_tOD8_uf-nyWvWmzDjIqErB2Gt_m_9j2SwNR6pnQ7divcTJWeAWtvejgeg9uVPPkbLvbl8AWY8pvcp144t&sai=AMfl-YT7ilWrUNVdmN_eGfL9l7lKKYMVp8L4kk5G0A4tLoJsw3P4bqLSyetp6Ylkhabqejx7pX2lOo0AfzbhHZ3r92wOVYaGIekw0zOIrBmJiXj6ncHp8k7UQNDHU4xbdkA&sig=Cg0ArKJSzL6vRMVQnKjJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 23BB 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXdpYORWy1Qhu8oVzth9KBuLDZLegdvetS7IsbQErCE50ib-k6MrysXZxPjKHBiXIih9embBkDDbJAeafeg9Kiz_lD8WAPqipSJ7p0MVuxgIm2duOPUict6nCnhgyjD5tgTG1I595NWtQYxzSUIfKcBkb6EWUqyKEb9PYNhxAHHe4UG2dsVlXRWMYsbb3uj_IhYsXgFkhZqlshOt374IqP21-PIkWhH0X0a9y5qGfmHraFb_gDyAiPodbRNLti8qhmxbn3nanP_sURFYV55aJrEyWYfEBRc1zlwSC7X4QQfBTGve6ghJsLSmAbwdFlES5xD8dYbnVmiqIYj58AB0ybLfJD31XPvqAbiaJ9jojLqPVELS8&sai=AMfl-YS59SIPLpPTkfBdrXQumICmmXZ27OyKqLW2Wx160nYFVUAmYF8WBH-ZdjPADrUXvc03KAAI8PtkQu2f5KDivuZn4CErQx9rKVQBKb6wMh8NV5MQ1rcTgpiHImUixQ&sig=Cg0ArKJSzPCZc3Fc34N6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 23BB 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23BB 181 KB
57 KB 25ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 23BB 327 KB
112 KB 14ms
11ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H2 200 3419088563673378312
tpc.googlesyndication.com/simgad/ Frame 23BB 32 KB
33 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3419088563673378312

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d41ec139c7a9a1d5c36fbb2da10e14d5a3f966fce56c9523aad1c60184d7abf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Sun, 20 Aug 2023 01:24:14 GMT
x-content-type-options: nosniff
age: 434754
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33223
x-xss-protection: 0
last-modified: Fri, 21 Oct 2022 20:12:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Aug 2024 01:24:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 23BB 0
0 16ms
14ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTaRsfTjQzJha_8AyeYC-q-VLjsem9YA2SGaaZlkZhtwGYKiv1SP6I4u1juoZo1rPsCfZ6F
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 23BB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dee9248f37df7818591a6d2ac49ea86ce2c98a0208dd9f4c1f851c401206319

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E36E 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2ZE7Iv9RgDZs7RQjbHf-20swDq6OiHDTF8jMO_SY3zTLaXA3hZTfXdH__lKjEETHPO0SY7Tt32nILyCfx2H_rM9XsAWb_2kXh4849fsdRcgSy50kr1XZk_3SJ4SE3cjXwuOiNS9DhZ9aWxj83f8fRQcYmNktdzH-70GqLQu1Omvg-6_LUKKfF669T2H-1hU8-NXhXV264yHqvvBN98HHM0gzFoI8CsyZmV9ZfiX3tJ23om4xFs6wQwVwRefFOQy4zwPrTQvF10VzIfPMHS3mtClFlkvGn6ynieLMJPmNOpcEoG1q73rhOGiYiQb6R289zGKnPdI8cvmdRBVNBofIm3Dx7AeA0lAb16IH6aWpvq_7uE-0&sai=AMfl-YTh_Go16W5WrpD5WnXaROPc3Z5e5ChBkZM5BdR2kZzrCLJdXzWDOpSuNF-4EtVjRvRYzUgDLadeBZgQHT14z4u6dSsHrLABG8xW2lC66N1MyAI1BF2upEuxOeAvIw&sig=Cg0ArKJSzKlM_-FgjDPGEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 tag Show response
a.teads.tv/page/130102/ Frame E36E 752 B
803 B 83ms
35ms Script
application/javascript 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/tag
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 470
expires: Fri, 25 Aug 2023 03:10:08 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E36E 181 KB
56 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame E36E 327 KB
112 KB 9ms
8ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F64 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdY6AB96T2acyjcucTyBpo-H9WqhNI2aK1IPK3JBrWxFXOFN60sJyckSAZRJgUAkjkc5vgSaX3TBffJJIbQGs619Pv_EEZoWAS3ukhZOoLGqTYt-eC45iOhwmegvkYqdfnmj0SRdceh_BPYQfENCZ7r9s1vdeSqHpCpqZ8Y6NhRJMUW3oK2M8cU6dihASM4MLpaWWtA1XdL2an58STJBQbyfM5IvTf2j2JLoSKF3pfc8gP63oxW5Hr4Q1CSVdy6xP5VkhfPN6TvVVtusCh4cdCewgDlbU9ur6fMAGJDqH9iGq_WIK8XXLTFZJKHmCzaddG9Vr8p4VgS5IzHZJXJWZq45q7wfmdQmJRqgIhFgub8ZOKR5hLG_Hx&sai=AMfl-YRKnvwep_-TvCCqDsz9Y51lQzt3FQkQb2DjJHVsE5t56awmUkuAZMj_HrDTC33d3P6ok0t_FIPzMFUom2NirrEN1y4AUBqdln1ff5qE5yOjXULRNAnVWV1Vm9LcCw&sig=Cg0ArKJSzPMm4gY8-0nREAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 7F64 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F64 181 KB
56 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 7F64 327 KB
112 KB 49ms
48ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H3 200 8964380164734132489
tpc.googlesyndication.com/simgad/ Frame 7F64 48 KB
48 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8964380164734132489

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca018950c7928f948c38d3ca0a66f7854f7ced4b970de8d66547deab295aeef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 11:15:49 GMT
x-content-type-options: nosniff
age: 226459
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49506
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:17 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 11:15:49 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7F64 0
0 16ms
15ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7hxnHNXdym4_hLGYf30a4p-vurw2xi5yFRG5i8wgChwol6DNkFbUkAcMAFzWrb4NblRw7
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2637 0
0 48ms
48ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWZkpKgs-_TELffnWgIsizOexz167DLF1gBb9wx0VmSsumzRnAz8p67Uv7Rq_LmEkOp3SSAHD30IiBPrX2_pqQebaf5Ho2aZyvwHfzQIFrTgtUD1J5sOXHY2j05r-FEjyByHhY17IeRBIedlV0DwKz-gfMKWiLZAvBZqWTE812M0qvDccfap8ALLd-lA9UttRKvYIeEOsn7TkGFOvrCORrDwoNdOhxMFhvqX14cSYiQseErPykuHBvzO6Q11oXlH5FyEbh_k1Xjc_2-IJB80l1XxjqDZEpZ3TuhI6SCViMzyYjZw4oBtcVa342EL0-WACq5wszFsyRE5LIofUAlRmgYYrQLHu1JdnZGFcczpGpAGXmGm828aWa&sai=AMfl-YSfQO_eDrFTBpvs5TFq5L7tLBB66yk_nT7Zz748cD4vuSyDsEDJrsyOt6j2ylGYSdqrQ_NnTt1NP0cKSysjePofGCoU2I2r-I0uHjVf-HRm9iqSbAJvOdwjKjpiang&sig=Cg0ArKJSzJJpQrXZFH-sEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2637 181 KB
56 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 2637 327 KB
112 KB 17ms
17ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03EF 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGd6VcDujoSR4oYwNRopZ2RCPhlj16A3_YJ-os3Lqd9noDniSXta1Cj6tEgAYXz8Rs63e9o2XeqvOjQN5Ixm5HNBLjdzSXxLMFKNCZVBZCM5crIZxDz_K42ZimzNEpsjxdORu5cmHuRMPHC9KVNaoai6usnojrt4n1Unbw2Of727mOotvVivKfHSbdpCu1jU70CvaNB9EXOJwGDQhoUwTxP29THG4D3qaMRdrQy4laVHCIKxwvN7gSbGpIIxyVXOoLEfndZ_l-94aVFClFhecc3iLZY0ZeDe5Z9oRLSuBOnc9_-HNEZp3natwEN5D9uAAISaalsSzlMLw6MXcAiH36zMEockX2aMqkNkuv-mQTNtGxzR6T8diI&sai=AMfl-YRx9Fn_OU8eLYfgWmiAELNkfuSJ9Ut3f6XqmeBbs1qUdYKbglSNHdhdnqy6YhXZSGQ9MzhB4mqHRYLGqMTKP-hHQWbqQTj_rf3hsN3Kj7gEtTvh4xrGspvR5J3D-8k&sig=Cg0ArKJSzA2Eio2DpyrgEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/ Frame 03EF 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230823/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 19:06:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 19:06:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 03EF 181 KB
56 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692792373905140"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2023 02:10:08 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 03EF 327 KB
112 KB 7ms
7ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 10:30:01 GMT
server: AmazonS3
x-amz-request-id: 7RBH51TW3E0VR4S8
etag: "94f6c999f3f24b6cd968e931257701ff"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=13224
accept-ranges: bytes
content-length: 113977
x-amz-id-2: h2mr691ZEpNZ+qUbi4sMJm1b3q0Ql2jARxQjD8282SxmcPVcl+6GHlVevORDCVu4pGOI/WmAoW0=

GET
H3 200 11387180448008369947
tpc.googlesyndication.com/simgad/ Frame 03EF 10 KB
10 KB 8ms
8ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11387180448008369947

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e04433a74ec26a9b149ee31234bc5a607d43e93ff3e314107c52c4a0e495308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 07:27:19 GMT
x-content-type-options: nosniff
age: 240169
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9807
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 21:49:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Aug 2024 07:27:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 03EF 0
0 19ms
18ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTooKIJPgJcGjGsYs2oVO4BZPcF7UsBEeX_sfSFv8btPPPikVp3p3OGLL_71GtIRC6jyPTA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js?cb=31077296
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 7F64 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2fbdba005b08ea31e6904b8f45e3e96b2bf3ebc13d9f006cea0848e1294ca579

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 03EF 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f468379c4fd0e6f34d026ca286e4f4ac453122cf659caf155a2264450aa2dd9a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 impl_v96.js Show response
www.googletagservices.com/dcm/ Frame 8AE4 49 KB
20 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v96.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 08:57:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20157
x-xss-protection: 0
last-modified: Mon, 22 May 2023 16:41:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 08:57:54 GMT

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/ba18906d/ Frame 2637 14 KB
5 KB 422ms
112ms Script
application/javascript 52.72.72.95
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvdfB8jYghVOq3o4shMkPuKGJIiE8-P6Web-gxvi3Ea-71_I4ms4mI0wi-C-hgSOovgjv4nH26_KUlmT_YmUX2OfvkNgBqDKbxpm7GEn6GiCkLactaHrF4TJO28QkuiazNDavRDeOctzJz9Drx6TxlbrTqtscyUB6xeau3UcVQkY8iiPQhlJrDGqg-59qrvQ3PU2ZsLLloctlVl46zqXn6N3zf4rYFepkd8JVimAF5aEL9_Qh7qJpDdVXrv3LMLF6AQ4_b3mwV1vynQFAK_SKXnUZzbgdlE7rPWjmqoFxbKa2SqYAlv1c3dn07CBVensD6gV-3wuGsIDG3qMlzSdPjiS5kNkIhvClFH7MQb5veWfA7phvE6%26sai%3DAMfl-YRXtCqkvz8RmFNhnjZuRyDQW3dQpok0ixcbGrHjgFHlLTD9ZWcdQQYL3rD5l9vBC_9cho7MKw-4-1AUD4ImGO56EEXIOE4OwKx8_n5UX34VJ9J9rpdtmD2Y3_p_VaY%26sig%3DCg0ArKJSzELYz-cr5VYFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138368021044&externalCreativeId=138368021044&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6140421032&externalCampaignId=3099799181&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1692929409.016&clientTimeZoneOffsetInMinutes=-120&hostPageLoadId=7133716876648943
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.72.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-72-95.compute-1.amazonaws.com
Software: /
Resource Hash: 3267f4f06fbc7df05b4a6c98995d133a44fb51abb85f7097783e69045f2d5b60

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:08 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4888
Expires: 0

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
8 KB 11ms
11ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16DR883D7PM3805
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7826
x-amz-id-2: V+aas5/YiB8hULXvDfZhIsWW+TevCOkgVGk/Fj6tlHSP/nHDKK7wQoHIzNE/dowYKiIKBmcwbTA=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.055509,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 114

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 12ms
11ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding: br
via: 1.1 varnish
date: Fri, 25 Aug 2023 02:10:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FEYSTFEDPYHC4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4296
x-amz-id-2: H97fZQNmKZjDmD9s6oOERCRPM+eQfEYaPaxM4am5otyv9pCh6VzqGQl9ZFts5wWPUkATcktLtmE=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.055580,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 155

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
15 KB 12ms
12ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V166MSHRXDKAVVGE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14879
x-amz-id-2: c6U0F1buvLoUbC7Go6OynO2vSuROf3WSt/D6YI1yr+0jsK94y9koc9qEWfBtaM47/YBf5Yf8NJA=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.055642,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 156

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding: br
via: 1.1 varnish
date: Fri, 25 Aug 2023 02:10:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: V160X7JZ0EG0626C
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2987
x-amz-id-2: 5+0z6v9iOJAmzGseP7niEmvz+uxWao1VALb8NoZbCquSjddcdg/5b+W1EwLWyPB/uQ66j8dwtBs=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.056050,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 69

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
content-encoding: br
via: 1.1 varnish
date: Fri, 25 Aug 2023 02:10:09 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FYZFMXCGTDG27
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3814
x-amz-id-2: mwgteez6x3yDx2YZm/5IjUnid5gI60+Qa+e0jCOSmE92j50WhHAejUGBsI77JWFl8CIlDnktHZw=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.056596,VS0,VE0
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 90

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
7 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160Q4MCNEPA0DWF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7044
x-amz-id-2: 4pXWnKuNBIz41lqSFIf5tsKV1P/qUi013lzcICPtzab00sHuhMEZy///R1KpVfpsKCYjZAw6vX4=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.057143,VS0,VE0
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 105

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
12 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16EH4FX34YSCAAP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12146
x-amz-id-2: KmNhWc8I5iJnNq0ChwdCJEZrN6U9/HfEVBAcZH07DpJoA9YIkp9R2HXYN98dYcqTnC+W5zEkkS8=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.057643,VS0,VE0
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 134

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
5 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16ETB3SQ8RDG48R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4643
x-amz-id-2: 7B6KPpWlXRjWt491eJYd/RxIbU1+NFdezc6YFgBbxs0tzjbWueAY5nqCMMdn02DJLpb8NRE9EB0=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.058206,VS0,VE0
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 104

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
21 KB 13ms
13ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: k3LNqXtDnYaGJRciEwS012KKWchlproy
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V1600H0FQHVZS1H6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20843
x-amz-id-2: REepnSOeMxho2ZLiM3P6Of28yVpUanBl9XNRlLsr+8LFPWoIfDXKvl9imaTNqPVm6hdgUuAJXbU=
x-served-by: cache-fra-eddf8230091-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692929409.058885,VS0,VE0
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 100

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ 599 KB
131 KB 7ms
7ms Script
text/javascript 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5dedb9847c01d696eaa98918113cce86cc45604ff93b8348268ee763a0e9da3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
content-encoding: br
last-modified: Thu, 24 Aug 2023 14:14:35 GMT
x-amz-request-id: ANZARQ7YSXHDCX69
etag: "da475f4cfb3ea78e9be45fd9940a4790"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 0
accept-ranges: bytes
content-length: 133835
x-amz-id-2: H8mvw/E5AYyuVfLPjjDS6xQUNjL2V5A+0iHezO23Cte8tlqiWToE55WRIbmBQItXyxQ6L11B2TY=
expires: Fri, 25 Aug 2023 02:40:09 GMT

GET
H2 200 B20654036.373486415;dc_ver=96.284;dc_eid=40004000;sz=640x480;u_sd=1;dc_adk=635667956;ord=orapmy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvpe0tZIJtn73fL3ofh0dmKX4acc... Show response
ad.doubleclick.net/ddm/adj/N410401.127711DARKREADING/ Frame 8AE4 64 KB
30 KB 104ms
51ms Script
text/javascript 216.58.206.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N410401.127711DARKREADING/B20654036.373486415;dc_ver=96.284;dc_eid=40004000;sz=640x480;u_sd=1;dc_adk=635667956;ord=orapmy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvpe0tZIJtn73fL3ofh0dmKX4acc1soWhO7tyYzx6td55b1vBQnID_pJI0PvnMy7NCsKCsvAEcQePVnW13PIQjRZmTwJxR3P3-CxLuluiLS5vzz7J1_XX2Y1yxxsVhvjHUVE0ZP5rUkQFeHZxw9H1-wDoeqsR6CGUTdrpw0ZJF0zGwmyZOHoiL5-gOFYtcF-M8E5E4566ZvwIZgk9BJ6w0VB7B0Cw88sfbzI-u8o8goISXU1Fs3essTm4iGiUNbTovG2VChhU2arJLDc3hY8yYlU6Cmyhqy3sJR0f3NCktb6giuBIuZ9KKxLrnZ8hU2STND032HeJPPp-ceTpNsCCp8kRcBPfOyB17gsVvOQlKRAMSRlypcws4%26sai%3DAMfl-YQYjsRwtOnF8QBXT4KfezmaaKiEz3gHGaR9pGchf3OqwNDedUOxnsDZCg2UmIg8Q-GwR0g27u5EsGmAHTUcKuwHoVavfr6MFJ4iwdVhvRQno06kB6FzyrgCuNtDgQ%26sig%3DCg0ArKJSzLH0tkWhnPNaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot$0;xdt=0;crlt=ltfty.x8K7;stc=1;chaa=1;sttr=120;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v96.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f6.1e100.net

Software

cafe /

Resource Hash

289d4d95813794d4a20d93895934765e1cf259d0f5dc6b3d50aafa437ecb98a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30168
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2637 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b2118292ee7ab110dd982a8e94f4102ab76a6419c60e2798a07b82736ff1c50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 23BB 0
0 59ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-1LQN735935t2D1gc_eqSSW005Yzm_4Elg8FRfIN5Hb5F4yGpmcgGrdXNC_zejBevCJH6BtPKLzLB1Jaom7WpTCb0uUlC8UDdFIh9NBTMIFq9AliIQfOaDF6uZUsALh2cQo4POgstK2wNQe4N8ZRNE3M-9jKMM_p3dtWP9_zte0gS07mSBvYCwiLy3b5pkqwxGjBfgSQIIuRlmWukC_-CJNW9auRpADi3nger4g-vxWPUa9ZVD5hiM3VcbBRUUS7O-2rgSQSLNfMx-wVNNUmhk6towzcK62U47IBTWJnvP6jy8xxbE1rH5TxZ7unSilj-Jsn01vSeKpAu5rq6O08oMTGXlqSPURGl9dHkAa8C0hDar9XNQw&sai=AMfl-YRGw5Ei4hGr-Qh4zBsoinSo9muyHd13YbT0cLBe_flC81E7wZhI5B9B443XmptitnGRqPC5DV-lSRexotq1EOKGx4ltEruOmy7S3OocUkUfOeTp8GPp8bPQXvl3cw&sig=Cg0ArKJSzHLYh0rWykjJEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07D3 13 KB
5 KB 9ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 01:40:51 GMT
expires: Sat, 24 Aug 2024 01:40:51 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A05 829 B
558 B 18ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

896cb276b07f2b3b6df4141e5b0c9ee00c5ee73c9c4604bc2cce5ab45b9bb842

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-k5U_szo6OPOV85mYjlxzmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-k5U_szo6OPOV85mYjlxzmg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 25 Aug 2023 02:10:09 GMT
expires: Fri, 25 Aug 2023 02:10:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 23BB 31 KB
11 KB 46ms
18ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2572023
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:57:21 GMT
content-encoding: br
age: 768
x-guploader-uploadid: ADPycdtI4cuX6e7DRvr7GEN9NMtMlAlvpD2QmTWELiVH7Q1NSTEYF5jtkQDimFuvMSQFDe3p9w0e4bBl9k2v-_86ZMshGw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10526
last-modified: Mon, 10 Apr 2023 17:13:24 GMT
server: UploadServer
etag: W/"b0965f051977c0dd95ffe2c736cac352"
vary: Accept-Encoding
x-goog-generation: 1681146804366265
x-goog-hash: crc32c=wVdAwA==, md5=sJZfBRl3wN2V/+LHNsrDUg==
content-type: application/javascript
cache-id: FRA-1209ea83
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32213
accept-ranges: none

GET
H2 200 n.js Show response
mb.moatads.com/ 99 B
276 B 113ms
29ms Script
text/html 130.162.160.243
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409180&de=509805140611&m=0&ar=45436f5f584-clean&iw=e42017d&q=2&cb=0&ym=0&cu=1692929409180&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1816020343&cs=0&callback=MoatDataJsonpRequest_71999107
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: b25081dfbd7a0833652f6a1a9cd147231733252c41ea36c1ee3e9ca9496ba542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
server: istio-envoy
etag: "e024948ce7e955a8eee26d697004195431538f5f"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 6
timing-allow-origin: *
content-length: 99

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 36ms
27ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409180&de=509805140611&m=0&ar=45436f5f584-clean&iw=e42017d&q=3&cb=0&ym=0&cu=1692929409180&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1379023382&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
DATA 200
OK truncated
/ Frame E36E 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ab7ecee17ecf6acc17b335fedd619d52c02e3bf35eddff0da85a04888bb33b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7F64 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1X4dKsaZT0DSItQs21RZw3SQUlJGBAqqqGx8OZpEN5Rd1r-b_Xt8Jj6o2KHdLBkwU_V7tlRncRKVYrEN1waRWD9nyOGu2tRu3WDFvRk_LTEBRunDNdwlEpccjOpy1_oMVHm3zvXbzC9J-13J31WAOYe3R3ikMmK6TUhmNRehUCZzc7tEb1D_RCDWj5cVMAQtVCBLBOa8oyztFV157hGkc0RxHEuHqWR4cVGv5Xrbmhqe-vbjb89SrSp6Zr32mJcSfeM3ROasR_EJLz8l_p_W9yycbTwIKQ_qP88nXlHPnslpEL7I6VAXaK6s2gGlenciSU4URFRGn1aaNdsZwP_RR_2rx6LPeAz5opkT2y8Rnuw_7VLnVfkdMM9Q&sai=AMfl-YRveFUL7LwAfqaxNpWjsCheqesOccKBR6YmTym3jz6xU13jdLkzLv82F0e3Fvi210c0fOGPNVTaCWKxMMxy4Nzid2jnWYfLcsG41fsUA8iM4FTpjHw33pOZ_YrStw&sig=Cg0ArKJSzDNN1kPApjGbEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E36E 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEFwi7bnKqb_CX9wM8Sx0zrpQ8LCbPoIn-JVYY1byh4QP5Kq-4HpJwBpsda4KXtMJhjWhlo4cXc96pZSh8XXAFiw2BrFPKowLoYV8qzbFCUy--4zTse6HuA1utuXXTz8oW0gkaT5ZXRcTnneazAe_EO6Oej1vu3k-cKEnj4tIDkMxXKNBMRAySktKJDHLQ7zfL4xZykveY9-Ioo-7kPTMn6P00JxP-KavT9-hM6ZTKiCg2xPfcU0a8IzmeXvsNNEa9zkC-enX0oIUxsOw-Th3NOjhhe10NNS6w8p0hz6J3jsuu8UCQZNsfA8W6YpO6IrFUSA70hPZGdUJjIHDTCln1qMBGz_povusL_FW7tQRUKCJVG7lRdw&sai=AMfl-YTmYtKiUVwQT-pD47-DeEPX2FG_GTx_cUX6mGwq-butYWjKgZxe4aiODX-yEID04APCOM67sIyNbqakjmp9kJGafR96QAQZbvVcCw-7wZPfC_z8KonmmjKskxPWPA&sig=Cg0ArKJSzD14G7cGd_-8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 03EF 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvGwLdqyx1Gmum8SuxaU-TUfbLUCy7ykP5hULVIsYfnlTtWyenvmYxzG0BxURFfbbtTvAa8kreRZGaO8K0qJTxXuncHzyyXUsfx8k58b-Ub2YWExYbCQIKy4z3ZMdOTjMk9H6tP98KJFVImhpH9R7KwURNiMhWrAoIfDjyA4J27gy8126rh8NmAYN0ztoCCQ_93PMDo4qJ5iAGTrTiBwUXGHEig8LsBdLj2I41XIcu7zcAPF7JBYXBLRLDRhNGl8vkpxFYv0Vww_bx3mKYivQ1K3jMtNsT1VkxaPXYrFNDT01iUry2XD3pUQ3WdyV4uIe5jshcHZRe1cGas4FMXTtxKn-75rlKPdLvDBiV3PPmUYlRI3uqboNYS_vc&sai=AMfl-YSkiwCZe2oYP_brEJGxS6V_duEawPA_Ms3U_XvL4Pkb6UydG_q_BuYbdQ8Pij79QR9m6FC3xRc4zSi_Cod32XHYWCRaIkk7bC2b316EUm2UsmNYZd83JGBC0RVo_nM&sig=Cg0ArKJSzAAoKN2NIsV6EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/ Frame 8AE4 11 KB
4 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230823/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N410401.127711DARKREADING/B20654036.373486415;dc_ver=96.284;dc_eid=40004000;sz=640x480;u_sd=1;dc_adk=635667956;ord=orapmy;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvpe0tZIJtn73fL3ofh0dmKX4acc1soWhO7tyYzx6td55b1vBQnID_pJI0PvnMy7NCsKCsvAEcQePVnW13PIQjRZmTwJxR3P3-CxLuluiLS5vzz7J1_XX2Y1yxxsVhvjHUVE0ZP5rUkQFeHZxw9H1-wDoeqsR6CGUTdrpw0ZJF0zGwmyZOHoiL5-gOFYtcF-M8E5E4566ZvwIZgk9BJ6w0VB7B0Cw88sfbzI-u8o8goISXU1Fs3essTm4iGiUNbTovG2VChhU2arJLDc3hY8yYlU6Cmyhqy3sJR0f3NCktb6giuBIuZ9KKxLrnZ8hU2STND032HeJPPp-ceTpNsCCp8kRcBPfOyB17gsVvOQlKRAMSRlypcws4%26sai%3DAMfl-YQYjsRwtOnF8QBXT4KfezmaaKiEz3gHGaR9pGchf3OqwNDedUOxnsDZCg2UmIg8Q-GwR0g27u5EsGmAHTUcKuwHoVavfr6MFJ4iwdVhvRQno06kB6FzyrgCuNtDgQ%26sig%3DCg0ArKJSzLH0tkWhnPNaEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..;dc_rfl=1,https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot$0;xdt=0;crlt=ltfty.x8K7;stc=1;chaa=1;sttr=120;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42004
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Sep 2023 14:30:05 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8AE4 0
0 116ms
46ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGkcxbRfJmwYih6ZFNB1W97sPjcXohUB6JstEu3nYrI_e3fh_Yy5LtHLNm7ZKGJfi1_zf59eovrsu--xYxlcQwHg4ycACu1vnmoLSoTUtV4ru12tH7RGDMAqZUiM3w3hM8-JKh6SHxjS4UponxLp0nNL7Q3YKKofehAWvNH-ifWrN9EQ&sai=AMfl-YSyovgH9iFX_FzjRfZDFWeJXQfkQ08cMl0-35cd2RICB3VFYia1vfE4bpk8S4MoWJ1jQl3Sc5k_1QED9EfDE9QAGctYjGkDUNlMTw&sig=Cg0ArKJSzKa6LpIYwNA2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230823.76165&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8AE4 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 14:34:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41767
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Aug 2024 14:34:02 GMT

GET
H2 200 13604087462534611714
s0.2mdn.net/simgad/ Frame 8AE4 1 MB
1 MB 30ms
8ms Image
image/gif 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13604087462534611714

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

165c8105026d179e731f5a2bc08d30e539a05451dc5a182dd706edd930bb884b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 05:58:06 GMT
x-content-type-options: nosniff
age: 72723
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1176521
x-xss-protection: 0
last-modified: Thu, 17 Aug 2023 09:52:48 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 23 Aug 2024 05:58:06 GMT

GET
DATA 200
OK truncated
/ Frame 8AE4 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdc36a511e130ef7cf4600675c6a3c8227d80d6c2a028c2ad3c59f2aed513e68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 13ms
12ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F3419088563673378312&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=88&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=29&an=0&gf=29&gg=0&ix=29&ic=29&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=29&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=58&cd=0&ah=58&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1812799309&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 23BB 62 B
309 B 86ms
85ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&pv=1692929409503_vf85i74au&bl=en-us&cb=5257309&return=&ht=&d=&dc=&si=1692929409503_vf85i74au&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2572023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 23BB 20 B
482 B 488ms
158ms Script
application/javascript 52.71.153.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2572023&v=2.5.3.49
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2572023
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.153.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-153-141.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Fri, 25 Aug 2023 02:10:09 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Sat, 26 Aug 2023 02:10:09 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A05 0
0 40ms
40ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308220101&jk=118634925123366&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 track
t.teads.tv/ 23 B
104 B 74ms
32ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-web&auctid=84270897-d0c2-4270-9e20-39ccaf83b57a&pageId=130102&pid=142873&debug_metadata=9gIWnmeGBa&fv=1235&ts=1692929409613&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ 23 B
134 B 76ms
34ms Image
image/gif 2.18.161.51
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-web&auctid=84270897-d0c2-4270-9e20-39ccaf83b57a&pageId=130102&pid=142873&slot=polymorph&fv=1235&ts=1692929409620&f=1&referer=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.161.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-161-51.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Fri, 25 Aug 2023 02:10:09 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H/1.1 200
OK NRBR-dcf2500530dfb0326fd Show response
bam.eu01.nr-data.net/1/ 40 B
464 B 48ms
20ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRBR-dcf2500530dfb0326fd?a=256687733&v=1.236.0&to=MhBSZQoZXkEAUkFdDgtafl4KFVFeCEtQUDQXHB8b&rst=4143&ck=0&s=8baada8e551c76fe&ref=https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot&tt=5ad19c24b8376b09&af=err,xhr,stn,ins,spa&ap=221.286035&be=806&fe=2228&dc=808&perf=%7B%22timing%22:%7B%22of%22:1692929405487,%22n%22:0,%22f%22:0,%22dn%22:6,%22dne%22:28,%22c%22:28,%22s%22:34,%22ce%22:46,%22rq%22:46,%22rp%22:806,%22rpe%22:900,%22di%22:1293,%22ds%22:1614,%22de%22:1614,%22dc%22:2750,%22l%22:2755,%22le%22:3034%7D,%22navigation%22:%7B%7D%7D&fp=1269&fcp=1843
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: text/plain

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230056-FRA

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409305&de=53091578019&m=0&ar=45436f5f584-clean&iw=e42017d&q=7&cb=0&ym=0&cu=1692929409305&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=4448790601%3A2827245798%3A5674929725%3A138347225724&zMoatPS=video_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=video_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=479068719&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

POST
H2 200 ad Show response
a.teads.tv/page/130102/ 484 B
677 B 41ms
41ms XHR
application/json 23.218.209.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/130102/ad?windowWidth=1600&windowHeight=1200&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&auctid=84270897-d0c2-4270-9e20-39ccaf83b57a&formatVersion=1235&env=js-web&netBw=9.1&ttfb=760
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.218.209.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-56.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1d5dbe8cdb08bef7c25ce406c6ba6ef5bf15f20f0af59f65a3536c2c7aba4817

Request headers

Accept: application/json; charset=UTF-8
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.darkreading.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 334
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/ae21f920/compiled/ Frame 2637 852 KB
853 KB 60ms
7ms Script
application/javascript 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/ae21f920/compiled/web.js?v=47-a48f3aa775&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0&adx-in-banner-video=1
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/ba18906d/web.js?&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvdfB8jYghVOq3o4shMkPuKGJIiE8-P6Web-gxvi3Ea-71_I4ms4mI0wi-C-hgSOovgjv4nH26_KUlmT_YmUX2OfvkNgBqDKbxpm7GEn6GiCkLactaHrF4TJO28QkuiazNDavRDeOctzJz9Drx6TxlbrTqtscyUB6xeau3UcVQkY8iiPQhlJrDGqg-59qrvQ3PU2ZsLLloctlVl46zqXn6N3zf4rYFepkd8JVimAF5aEL9_Qh7qJpDdVXrv3LMLF6AQ4_b3mwV1vynQFAK_SKXnUZzbgdlE7rPWjmqoFxbKa2SqYAlv1c3dn07CBVensD6gV-3wuGsIDG3qMlzSdPjiS5kNkIhvClFH7MQb5veWfA7phvE6%26sai%3DAMfl-YRXtCqkvz8RmFNhnjZuRyDQW3dQpok0ixcbGrHjgFHlLTD9ZWcdQQYL3rD5l9vBC_9cho7MKw-4-1AUD4ImGO56EEXIOE4OwKx8_n5UX34VJ9J9rpdtmD2Y3_p_VaY%26sig%3DCg0ArKJSzELYz-cr5VYFEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138368021044&externalCreativeId=138368021044&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6140421032&externalCampaignId=3099799181&externalAdvertiserId=5004764576&coppa=0&scriptId=celtra-script-1&clientTimestamp=1692929409.016&clientTimeZoneOffsetInMinutes=-120&hostPageLoadId=7133716876648943
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2565784a204b5c015d560b41607858715b80d3b970bbb465e56f5b410f7b6d95

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 08:21:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 64102
x-cache: Hit from cloudfront
server: Apache
etag: W/"07f34a454b52548e6b9708c223e01378c75ac2185b2b07e4f35695209a424b0a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 622946
accept-ranges: bytes
x-amz-cf-id: EaC1BqeSWqmVvJRsoiVR6MivJ6UcLBJhFxgZGrt8-QsMDuxBJXIprg==

GET
DATA 200
OK truncated
/ Frame 2637 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 66b0a241-1725-4137-8a56-5f1b4aabb85e
https://www.darkreading.com/ Frame 2637 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/66b0a241-1725-4137-8a56-5f1b4aabb85e
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8AE4 0
0 48ms
47ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuGkcxbRfJmwYih6ZFNB1W97sPjcXohUB6JstEu3nYrI_e3fh_Yy5LtHLNm7ZKGJfi1_zf59eovrsu--xYxlcQwHg4ycACu1vnmoLSoTUtV4ru12tH7RGDMAqZUiM3w3hM8-JKh6SHxjS4UponxLp0nNL7Q3YKKofehAWvNH-ifWrN9EQ&sai=AMfl-YSyovgH9iFX_FzjRfZDFWeJXQfkQ08cMl0-35cd2RICB3VFYia1vfE4bpk8S4MoWJ1jQl3Sc5k_1QED9EfDE9QAGctYjGkDUNlMTw&sig=Cg0ArKJSzKa6LpIYwNA2EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=228&vt=11&dtpt=227&dett=2&cstd=0&cisv=r20230823.76165&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8AE4 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRRW9TjYs1kzShVCsEfs9y7WYZ3zMjoJkp08lj6S8rl117s70sy70ocXeDh5bK69mHO_6hMHLb04mO7HhlQP1LskbhxSEsIcp4S_3NTo2zkr3CkBU35PrVXLyuEYQjFfkUEpEDH7G0_TPHZkJy9kYSt7PkA3VzJWZ14bW02Rp-tfbCouhxMS8UvS0KS9sEVeAWQtbNWgsy5lg_J110JdvgZZZo_nZSpqkCZ2b6gRXo_zbJT1Zy0nb3jTL29l-KwyFHk5pmVMUI2WYn49rVGoDGNoaJPnOfdnTmbOTnX7XMlUwyP5UvdZmRGi29bph1oVewzreJf-_2xijcMvdmyqWYhdau17tMuvBFpMPM0yeE4yVGJMaPt1Zz8TlhWYA2yQ&sai=AMfl-YSEm03wDmYr39IoAkztQ-fsg2R9UqUeeyIXlDWdlQvajyKn1aySnLe9KSbI5NnR2bOjoAWf6N3OpgkCAfGPZdZXAJTdRoXy_mcKMz0uD0HpbFNYCY62owo_6iO8zQ&sig=Cg0ArKJSzAVmIHxYT11VEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js Show response
pagead2.googlesyndication.com/bg/ Frame 07D3 37 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oGWEAOSy2FD_H6yXFafSznTTKo3y8yaW3jsvWQxT1M8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 24 Aug 2023 23:57:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14795
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 23 Aug 2024 23:57:54 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E647 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 146422
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 09:29:47 GMT
expires: Thu, 22 Aug 2024 09:29:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409317&de=322773208719&m=0&ar=45436f5f584-clean&iw=e42017d&q=11&cb=0&ym=0&cu=1692929409317&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&zMoatPS=300_1v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1541433861&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409324&de=684799345214&m=0&ar=45436f5f584-clean&iw=e42017d&q=15&cb=0&ym=0&cu=1692929409324&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5247912870%3A3231394965%3A6343976295%3A138441419009&zMoatPS=300_1v_article&zMoatSZ=299x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1968311672&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 14ms
6ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8964380164734132489&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=299&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409324&de=684799345214&cu=1692929409324&m=11&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5247912870%3A3231394965%3A6343976295%3A138441419009&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=299x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=9_e36x8kurhfi00000e36x8kurhfi00000e36&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1293218373&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame E647 37 KB
14 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 14:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 128415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 22 Aug 2024 14:29:54 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2637 0
0 46ms
43ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1lpdIc2lWeajKMJLF7GhMTFkues6gKjiV089r5gc2x17vC4emMtyoXvB8wGYjQCP938rtR9H_FfNqz19jZAiCNmelF_VGL-fb6UZX5HhxRR_lQ4YkDyn__LO3LRPsTCBxTP7S-X_Nf0udi93MrprHiDoKsY_CQhy-2_zZ-1QqcRzTPnAZvbu4wxGqeF-yPG-dM251Z98SQ_G5rcqydSRTxHSnWzPMLrrT7QyCB5l0P9aT5MHZvNDndHn1Bp8g0FbQcEKy4X_Fc9WSyuVPnGi7n-SqLysgtt2ocFj3RtQmr06bkHyf5hrtEOK22pEv-Ehl4O5pe-gN-EFd-3l1xHmP4dX16Aet-WZZU80VgelGP5-IVfC_iMBWpfM&sai=AMfl-YTHircFDYwfD3OqEqy84h6gcTJt-fIdanZdSRKHVl6Md2o9xVulHVqxkaE9OPgVtj2JW1Sh_PQBnvBRw2CvhJcC-0NPehwOGCV_9X8X6OWTWcy3Zhf5-Pc2T6uYFvQ&sig=Cg0ArKJSzLkkddX4JrpXEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjkyOTI5NDA5eGQ1ODBiYzIzMDBmMDgweDAzNDkwNTc4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI4ODA5NTQ4OTIzMzcyMzYxIiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 398ms
94ms Image
image/gif 54.147.76.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjkyOTI5NDA5eGQ1ODBiYzIzMDBmMDgweDAzNDkwNTc4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI4ODA5NTQ4OTIzMzcyMzYxIiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTY5MjkyOTQwOS45MTIsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=3873343420
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.76.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-76-157.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409358&de=637204561446&m=0&ar=45436f5f584-clean&iw=e42017d&q=19&cb=0&ym=0&cu=1692929409358&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&zMoatPS=300_2v&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_2v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1894363739&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:09 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:09 GMT

GET
H2

404

404
www.darkreading.com/ Frame 8AE4
Redirect Chain

https://www.darkreading.com/sites/all/themes/penton_core_theme/images/ContentPillar_Welcome_1200.png
https://www.darkreading.com/404

182 KB
182 KB

383ms
382ms

Image
text/html

2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.darkreading.com/404
Protocol: H2
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0fb926544e5a81accc7b91c35cbdbeb8aaad37cb319a531c1335bc82059eb79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:10 GMT
x-proxy-by: https://www.darkreading.com
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Origin
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
cf-ray: 7fc04c0f7bec4dcd-FRA

Redirect headers

date: Fri, 25 Aug 2023 02:10:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains
cf-cache-status: MISS
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/html
location: /404
cache-control: public, max-age=7200
cf-ray: 7fc04c0cf9b54dcd-FRA
expires: Fri, 25 Aug 2023 04:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11387180448008369947&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=8&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2&cd=0&ah=2&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=90528239&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 3_webfont.woff2
cache-ssl.celtra.com/api/fonts/google/Lato:400/ Frame 2142 4 KB
4 KB 20ms
7ms Font
application/font-woff2 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/google/Lato:400/3_webfont.woff2?subset=BCDEGILORSTUVW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:00 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12767050
x-cache: Hit from cloudfront
content-length: 4052
server: Apache
etag: "4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806"
content-type: application/font-woff2
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1415853
accept-ranges: bytes
x-amz-cf-id: cK7WrB64F1JDvMUVvYpgM_Uk_VQ6z_9hPpOZz0SErLcZSJvXv001SQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1692929409477&de=174035697695&m=0&ar=45436f5f584-clean&iw=e42017d&q=23&cb=0&ym=0&cu=1692929409477&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&zMoatPS=welcome_v&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1269%3A1844%3A3034%3A1293&fs=205170&na=1354096419&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 DR_Sophos_2023-Threat-Report.jpg
cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/ Frame 2142 40 KB
40 KB 8ms
7ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:58:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21463904
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 19803895
accept-ranges: bytes
x-amz-cf-id: ZEkev-amzurqcPLegWRMtwphwmae2n9hVUl7TxIWO7Yw36eJDc_vKA==

GET
H2 200 DR_Sophos_Extended-Detection-and-Response.png
cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/ Frame 2142 5 KB
6 KB 7ms
7ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25961940
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34012
accept-ranges: bytes
x-amz-cf-id: z-QqtuoROSaELMaa6eSds-LMIupLXNnHrQ6VlE2t3NXqT6mrOPvlSw==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame 2142 25 KB
25 KB 8ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:39:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8752316
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3834183 1621184
accept-ranges: bytes
x-amz-cf-id: InN3mx9cVvHTzFU-s-f5Wn2JCXrN5HQ0ya9_kZ8_BtJQ5nptYHAC_Q==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame 2142 33 KB
33 KB 8ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:51:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8752316
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4129189 1149283
accept-ranges: bytes
x-amz-cf-id: QDKTY_B0MQhmRp31Y5gSErr9Wn8-4uEIZiNEHvBKifMR1eWqtaC4qA==

GET
H2 200 sophos-incident-response-guide.jpg
cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/ Frame 2142 161 KB
161 KB 8ms
8ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 13610686
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 886414 1868390
accept-ranges: bytes
x-amz-cf-id: fT31entP49csZDOJi5eaRR4UZgSoyUlcRYxSrzBElwgCht1Y8hwjMQ==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F13604087462534611714&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=480&w=640&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=480&gp=358&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409477&de=174035697695&cu=1692929409477&m=626&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=2&an=0&gf=2&gg=0&ix=2&ic=2&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=2&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3&cd=0&ah=3&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1460554272&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 rss_hover.png
cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/ Frame 2142 990 B
1 KB 11ms
9ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/rss_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25961940
x-cache: Hit from cloudfront
content-length: 990
server: Apache
etag: "2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1770757
accept-ranges: bytes
x-amz-cf-id: TyfUg_nRByiZGhqVfSdvBFYqHwRFOlyHTokoT9-QjTbNPP_LydE7ZQ==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame 2142 988 B
1 KB 12ms
10ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962899
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: 21gvPugvDdeirOxHKMNVDkzeIWZi7Ozh3PvlOtalefx33if56l94nA==

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame 2142 918 B
1 KB 12ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:30:42 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9322768
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2380009
accept-ranges: bytes
x-amz-cf-id: U16CNgKAcIUBnoEqUjREqbGhCf4aLUw_f1nZyMiESu5ujEuEE2R1KQ==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame 2142 914 B
1 KB 13ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962989
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: YE9u6pXp8hkcA6rT_r8GW--uDaKbPIGeEBIjeF2hmQ98W3eP4NLKRw==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame 2142 591 B
1 KB 15ms
13ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25964927
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4685902
accept-ranges: bytes
x-amz-cf-id: 5eJoNAMrlosSt0_ZbXir1lUcRiqyPX6VbEbIVy9eSenSGSeJLIuClA==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame 2142 585 B
1 KB 16ms
14ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12767049
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: AA_dQ4SFLbb9G09apibrJ2n01dw2Tlo-_qukYuvYRVIgt5jNUNofWg==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame 2142 777 B
1 KB 16ms
15ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:44 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962985
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 101941290
accept-ranges: bytes
x-amz-cf-id: NxUi2owg0iagKczpxzgyFouirZrqFk9Q3tfb_8ZCQU-RMGNRs0aWmA==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame 2142 781 B
1 KB 16ms
15ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25964916
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: x6Dtn78DLXh4gNBRTF_UtwWjAfA0ukV9SzXNuvMvLhpmrCoFZEqYtA==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame 2142 348 B
865 B 16ms
16ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:11:04 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25963145
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 54493221 55607330
accept-ranges: bytes
x-amz-cf-id: 6VYmgIvCuhQF45Tmbi7KaXgOddfu3EtXg3kbQQcF4Hbo6Dn8XGn7Gw==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame 2142 348 B
858 B 18ms
17ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:02:50 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9068840
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3447590
accept-ranges: bytes
x-amz-cf-id: G5ZLYfj77KpmIqKXNMdg5ln37_0nSX7Y0ye3kKXvfU4ZUuQOAiHp5g==

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame 2142 2 KB
3 KB 15ms
14ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:18:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22362728
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2093189 1290029
accept-ranges: bytes
x-amz-cf-id: RSeV6oxr6C1FqMekq00tjQ7n9fkkroIvSjImwwxLXYSaJ2VYl8VQ8Q==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 07D3 0
10 B 16ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FMh43w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sophos-logo-blue-rgb.png
cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/ Frame 2142 2 KB
3 KB 8ms
7ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/5fe443e06af1a176d1a4b198892695d2b9c3001bfd898280f1f30fe11de7e391/sophos-logo-blue-rgb.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 06:18:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 22362728
x-cache: Hit from cloudfront
content-length: 2145
server: Apache
etag: "2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2093189 1290029
accept-ranges: bytes
x-amz-cf-id: Il0HM-c_SME7jJUCwfx91g-5hMvYwW50qtQNU5EBHwchNFGvnPN_lQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/a8ebb8e65380225718e105013b044990bf309124db6a063d2993489fa88cebe9/DR_Sophos_2023-Threat-Report.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 19 Dec 2022 15:58:25 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 21463904
x-cache: Hit from cloudfront
content-length: 40672
server: Apache
etag: "d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 19803895
accept-ranges: bytes
x-amz-cf-id: IJnlzcJIGPchYDorj9CbowJnq05QaYBB67Nb_JhbqFYPT2ri7VoxsQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/76e8b236cf163e361e7e04c519d560c500713d3dbcbca935fa82314b9708ecad/DR_Sophos_Extended-Detection-and-Response.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25961940
x-cache: Hit from cloudfront
content-length: 5524
server: Apache
etag: "2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 34012
accept-ranges: bytes
x-amz-cf-id: gFd_A3BTvkA7PACHxHk8A3icTLFvLysiTomCsLwnuizi56CZtTvFag==

GET
H2 200 w_soph131c8.jpg
cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/ Frame 2142 25 KB
25 KB 10ms
9ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/eebcdb014ca52ef87cab677be63d3383da1cc3bd515e6c05a2b7a2453482a44b/w_soph131c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:39:40 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8752316
x-cache: Hit from cloudfront
content-length: 25237
server: Apache
etag: "e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3834183 1621184
accept-ranges: bytes
x-amz-cf-id: xRAiT9bHkQq-OnwaDyA83gp90hSSRVZ1Qu7h4prdcHLqIdyFpAY16A==

GET
H2 200 w_soph132c8.jpg
cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/ Frame 2142 33 KB
33 KB 10ms
9ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/6775b06cde3ac0ea81dd4bca3d6f9e2863628455c1ae139c882380f0ae798a06/w_soph132c8.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:51:51 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 8752316
x-cache: Hit from cloudfront
content-length: 33540
server: Apache
etag: "118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4129189 1149283
accept-ranges: bytes
x-amz-cf-id: z8KxFKm3F2NydWN2hAR8AAbRqVYRLy2qx3xzDslGxuVovJ-sme6B9Q==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/3012f852b79f7c7ae122bb767f543ea60e1e286eae21b30549729042b1beab20/sophos-incident-response-guide.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 13:25:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 13610686
x-cache: Hit from cloudfront
content-length: 164485
server: Apache
etag: "cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 886414 1868390
accept-ranges: bytes
x-amz-cf-id: JhzOP9Mwz0W0zFYziGPAwF990mX3XpzyQWt2-7m36g08S1MfHjrMNA==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame 2142 988 B
1 KB 15ms
14ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962899
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: MM4gx_TNbx6dNOOr1575OHp4y8QVEcWPyONj5qWj0eeF-XwtMKGfsg==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame 2142 914 B
1 KB 15ms
14ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962989
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: Kd13v1AKVBDmhfM9Sxf7VyU2mSW8XR6pUe_v0pNqSy9wzq01mOsxgQ==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame 2142 585 B
1 KB 12ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12767049
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: Veme3vPv-wqJb3ssaFhN0igcUkaqFYKkuwQsHXL0zJSzhxn2Ge2cGQ==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame 2142 781 B
1 KB 11ms
10ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25964916
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: t2EOOuhQFWdoBoBrsNw9zvxGYZmcIT-2e3cTshiJeM4zx_CE7GgDsQ==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame 2142 348 B
858 B 15ms
15ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:02:50 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9068840
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3447590
accept-ranges: bytes
x-amz-cf-id: l8-wZSh1uYnL-cKgC2b_8qQRLw9oqL_0jhElKxLSPEVO9BQjsJUwvw==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 23BB 42 B
64 B 45ms
44ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssTk59E8b7rFd3we7q6zapnoDpMY60bOcReODppEqJs_Gi-zq4f8rG8pMG9_CA_uwFD2RohCfIJfWnS6_IgkRUVcPMR_RC-W2LNgJwjK1gc5zfVFn5Aw_M21MhfzoEk&sig=Cg0ArKJSzOdOicuUdBq1EAE&id=lidar2&mcvt=1044&p=126,436,216,1164&mtos=1044,1044,1044,1044,1044&tos=1044,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1448016527&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692929408830&rpt=314&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjkyOTI5NDA5eGQ1ODBiYzIzMDBmMDgweDAzNDkwNTc4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI4ODA5NTQ4OTIzMzcyMzYxIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTY5MjkyOTQwOS45MjMsInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNi4wLjU4NDUuMTEwIFNhZmFyaS81MzcuMzYiLCJvcmllbnRhdGlvbiI6MCwidG9wbW9zdFJlYWNoYWJsZVdpbmRvdyI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwfSwiaG9zdFdpbmRvdyI6eyJ3aWR0aCI6NSwiaGVpZ2h0Ijo1fSwibmVzdGluZyI6eyJpZnJhbWUiOnRydWUsImZyaWVuZGx5SWZyYW1lIjp0cnVlLCJpYWJGcmllbmRseUlmcmFtZSI6dHJ1ZSwiaG9zdGlsZUlmcmFtZSI6ZmFsc2UsImlmcmFtZURlcHRoIjoxfSwicGFnZVZpc2liaWxpdHlBcGkiOnRydWUsInJlcXVlc3RBbmltYXRpb25GcmFtZSI6dHJ1ZSwidG9wV2luZG93TmF0aXZlUkFGU3VwcG9ydGVkIjpmYWxzZSwiYWxsb3dOb25OYXRpdmVSQUZGb3JWaWV3YWJsZVRpbWVVc2VkIjpmYWxzZSwiY2xpZW50VGltZVpvbmVPZmZzZXRJbk1pbnV0ZXMiOi0xMjAsInN1cHBvcnRzQ29udGFpbmVyVmlld2FiaWxpdHkiOnRydWUsInN1cHBvcnRzQ29udGFpbmVySW5pdGlhbFZpZXdhYmlsaXR5Ijp0cnVlLCJ0YWdQYXJlbnRXaWR0aCI6MCwidGFnUGFyZW50SGVpZ2h0IjowLCJhbXBEZXRlY3RlZCI6ZmFsc2UsImFtcE5lc3RpbmdMZXZlbCI6IiIsInNhZmVGcmFtZURldGVjdGVkIjpmYWxzZSwiZmV0Y2hTdXBwb3J0ZWQiOnRydWUsImFzYXBFbmFibGVkIjpudWxsLCJuYXRpdmVQcm9taXNlc1N1cHBvcnRlZCI6dHJ1ZSwiYmVhY29uU3VwcG9ydGVkIjp0cnVlLCJJbnRlcnNlY3Rpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwiaXNNdXRhdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJ3ZWJWaWV3IjpudWxsLCJpc1dpbmRvd09wZW5OYXRpdmUiOnRydWUsInByb3RvTG9hZGluZyI6eyJkYXRhTG9hZFN0YXR1cyI6InN1cHBvcnRlZCIsImJsb2JMb2FkU3RhdHVzIjoic3VwcG9ydGVkIn0sInRvcFdpbmRvd0xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tIiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjI3LCJuYW1lIjoiZW52aXJvbm1lbnRJbmZvIn0seyJzZXNzaW9uSWQiOiJzMTY5MjkyOTQwOXhkNTgwYmMyMzAwZjA4MHgwMzQ5MDU3OCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiODgwOTU0ODkyMzM3MjM2MSIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE2OTI5Mjk0MTAuMjg4LCJuYW1lIjoiY3JlYXRpdmVMb2FkZWQiLCJ2aWV3YWJpbGl0eTAwTWVhc3VyYWJsZSI6dHJ1ZSwidmlld2FiaWxpdHk1MDFNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJsZVRpbWVNZWFzdXJhYmxlIjpmYWxzZSwiY2RuVmFyaWFudCI6Im5vbmUifSx7InNlc3Npb25JZCI6InMxNjkyOTI5NDA5eGQ1ODBiYzIzMDBmMDgweDAzNDkwNTc4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI4ODA5NTQ4OTIzMzcyMzYxIiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTY5MjkyOTQxMC4zMDMsIm5hbWUiOiJ2aWV3cG9ydFBsYWNlbWVudEdlb21ldHJ5IiwicGFnZURpbWVuc2lvbnMiOnsiaGVpZ2h0Ijo0MTk1LCJ3aWR0aCI6MTYwMH0sInZpZXdwb3J0UG9zaXRpb25SZWN0Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDAsImxlZnQiOjAsInRvcCI6MH0sImZpcnN0UGxhY2VtZW50UG9zaXRpb25SZWN0Ijp7ImxlZnQiOjk4OCwidG9wIjoyOTYsIndpZHRoIjozMDAsImhlaWdodCI6NjAwfX0seyJzZXNzaW9uSWQiOiJzMTY5MjkyOTQwOXhkNTgwYmMyMzAwZjA4MHgwMzQ5MDU3OCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiODgwOTU0ODkyMzM3MjM2MSIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE2OTI5Mjk0MTAuMzA0LCJuYW1lIjoidmlld2FibGUwMCIsImNyaXRlcmlvbiI6eyJuYW1lIjoiQ29yZSIsInJhdGlvIjowLCJ0aW1lIjowfX0seyJzZXNzaW9uSWQiOiJzMTY5MjkyOTQwOXhkNTgwYmMyMzAwZjA4MHgwMzQ5MDU3OCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiODgwOTU0ODkyMzM3MjM2MSIsImluZGV4Ijo1LCJjbGllbnRUaW1lc3RhbXAiOjE2OTI5Mjk0MTAuMzE1LCJ1bml0TmFtZSI6ImJhbm5lciIsInVuaXRWYXJpYW50TG9jYWxJZCI6bnVsbCwic2NyZWVuTG9jYWxJZCI6MTM2OCwic2NyZWVuVGl0bGUiOiJSZXNvdXJjZXMiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNjkyOTI5NDEwLjMxNSwibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTY5MjkyOTQwOXhkNTgwYmMyMzAwZjA4MHgwMzQ5MDU3OCIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiODgwOTU0ODkyMzM3MjM2MSIsImluZGV4Ijo2LCJjbGllbnRUaW1lc3RhbXAiOjE2OTI5Mjk0MTAuMzE1LCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCJ9XX0=?crc32c=548371290
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.76.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-76-157.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=1153&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1102&an=29&gi=1&gf=1102&gg=29&ix=1102&ic=1102&ez=1&ck=1102&kw=895&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1102&bx=29&ci=1102&jz=895&dj=1&aa=0&ad=958&cn=0&gk=958&gl=0&ik=958&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=895&cd=58&ah=895&am=58&xd=00&rf=0&re=1&ft=958&fv=0&fw=958&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=295671283&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H3 200 iframe_api Show response
www.youtube.com/ Frame 2142 993 B
519 B 26ms
26ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 02:10:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type: text/javascript; charset=utf-8
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial: AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 rss_hover.png
cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/ Frame 2142 990 B
1 KB 10ms
7ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/82a3278077b1fa57b623faca8218253948280aafcfffcf15d53c579aeff15a03/rss_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25961940
x-cache: Hit from cloudfront
content-length: 990
server: Apache
etag: "2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 1770757
accept-ranges: bytes
x-amz-cf-id: IE2EaO1DWSoCbc548wwxcyuZ9XkOo4Pn0tfTDjaGOjBOVgoDuIvUFA==

GET
H2 200 rss.png
cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/ Frame 2142 988 B
1 KB 9ms
7ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/b1cdc0ecb51975dba9ab6759d0985f34bf971d517bb87e169f46d806ce108101/rss.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:15:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962899
x-cache: Hit from cloudfront
content-length: 988
server: Apache
etag: "4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 58885315 49348652
accept-ranges: bytes
x-amz-cf-id: PbZhpfLrpl29SPGTkbdcykvOV0ig0jBduSQ_6l4Gnf-rk_sRTe1Qrg==

GET
H2 200 yt_hover.png
cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/ Frame 2142 918 B
1 KB 12ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/05c871534a66ba01deefbc75b6ed2f9281993581e903223785a6f6a7ff82bebb/yt_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 09 May 2023 04:30:42 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9322768
x-cache: Hit from cloudfront
content-length: 918
server: Apache
etag: "6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2380009
accept-ranges: bytes
x-amz-cf-id: D1V0caMLGnnvAzqc5NpZew01Z9R7LFuwjKeuRs1wi0uB6us3M_p4Ow==

GET
H2 200 yt.png
cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/ Frame 2142 914 B
1 KB 10ms
8ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/13d77e3befd746d58356da2f0b0d1d20af11ba13ea0ca8cd7b73871ef1d40edd/yt.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:41 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962989
x-cache: Hit from cloudfront
content-length: 914
server: Apache
etag: "8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 90112054
accept-ranges: bytes
x-amz-cf-id: 8VQ7lSRPrCR4wH7csaxUsReP_bmP0NIvt1Bv7kPW6gAKemutGwm4gA==

GET
H2 200 li_hover.png
cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/ Frame 2142 591 B
1 KB 12ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/e3228348fc17573d7db7d135ba5cf60985157f70dae6643939d3a6686b2aa699/li_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:22 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25964927
x-cache: Hit from cloudfront
content-length: 591
server: Apache
etag: "c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 4685902
accept-ranges: bytes
x-amz-cf-id: Cwta9Mp3w86qsMw0lSC6521yKwxvrrUStryER9CWtFiHNQsNDPMrCg==

GET
H2 200 li.png
cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/ Frame 2142 585 B
1 KB 10ms
9ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2e1d1ae5940fbdaa5f95c1c17393175faf02b27a8c6b37dca2419c70113760ab/li.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Thu, 30 Mar 2023 07:46:01 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 12767049
x-cache: Hit from cloudfront
content-length: 585
server: Apache
etag: "d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 2695399
accept-ranges: bytes
x-amz-cf-id: Tp4y2HMvM8Nk0Fi3lJSFNx0rUB87SMnR25U9uQ_Idokb8uAj3_Felg==

GET
H2 200 tw_hover.png
cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/ Frame 2142 777 B
1 KB 14ms
13ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/f0cccd681d168932db801410643c93f0df03370d5c638ab3e4a16e92b80b3aa0/tw_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:13:44 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25962985
x-cache: Hit from cloudfront
content-length: 777
server: Apache
etag: "1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 101941290
accept-ranges: bytes
x-amz-cf-id: g5bGADnTwMlXiPc7C8ZICYSLqO0UKl6zYhBTYUgHmra5ZtPas0SIPw==

GET
H2 200 tw.png
cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/ Frame 2142 781 B
1 KB 11ms
10ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/9ad81786e386c3155cbc468769eddcc96e3e991156ad745860288c59c63a417c/tw.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 13:41:34 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25964916
x-cache: Hit from cloudfront
content-length: 781
server: Apache
etag: "308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 35553383
accept-ranges: bytes
x-amz-cf-id: us_RySp2v7_QITZJIXK7wGmUd4VLCkmZLV5qHcDVbzUWEj9ycmvsIQ==

GET
H2 200 fb_hover.png
cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/ Frame 2142 348 B
866 B 14ms
13ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/652ab50d0e331e4269bb4d847fcc5a5a4e3def07bb1ebca4d2d6fda889e52604/fb_hover.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:11:04 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25963145
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 54493221 55607330
accept-ranges: bytes
x-amz-cf-id: WQOu8D1NjZhhwz19YtuMpIPh7DsduXr1KpzGtQxUXqDkkXbHU9vAnw==

GET
H2 200 fb.png
cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/ Frame 2142 348 B
849 B 12ms
11ms Image
image/png 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/44f24c3edfffb11dd41284fe3c7bddb08dc29236aa3509e3a243c10f9804b28d/fb.png?transform=crush
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/ebay-users-russian-telekopye-telegram-phishing-bot
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 12 May 2023 03:02:50 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 9068840
x-cache: Hit from cloudfront
content-length: 348
server: Apache
etag: "e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395"
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 3447590
accept-ranges: bytes
x-amz-cf-id: s-4T9XET4vlaRfSzdmH8q91yIJ1zQwxICj7aLhh-XDYZyF3vrQbKqg==

GET
H2 200 8ec7eeb9565eac7df7bc780ed5a35e56df0ba6c8522262e69f565a31717e7fb7
cache-ssl.celtra.com/api/videoThumb/ Frame 2142 4 KB
4 KB 11ms
11ms Image
image/jpeg 18.66.112.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/videoThumb/8ec7eeb9565eac7df7bc780ed5a35e56df0ba6c8522262e69f565a31717e7fb7?position=50&transform=crush&resize=nullx200&quality=90&colorAccurate=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-15.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 28 Oct 2022 14:31:10 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 25961939
x-cache: Hit from cloudfront
content-length: 4057
server: Apache
etag: "1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb"
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 329290
accept-ranges: bytes
x-amz-cf-id: RNcPyCECtwOBHcTLosLybDsBmHzyEGYfQx3rvAh0i1aar-3TlOHx4w==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E36E 42 B
64 B 46ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWFIFAXuP1lS61Lik4X8rDe-s4rsTu_f38apOuIkRxmaj43lGcWYPcqzKgTy6UQXq4OH1p1FWHduogg6zMhFkO99Q7l3l1ZJfimymCPV76oa16GNQ9RSRWHjWcxlkY&sig=Cg0ArKJSzLVFlLyfvilHEAE&id=lidar2&mcvt=1023&p=1103,308,1104,309&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1784645127&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692929408878&rpt=436&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 03EF 42 B
64 B 47ms
44ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss54HXNnzJMlFYYMU7pZ3RUHMc7JYj5Xn7vy9c-5IDAG5NXjPpfqifqEX7t3dlyVRMHpl7OqE4sNFqmNAc1RicxemN6SpeBp_ZKsgR2XNuwhIb5IqNiJyq4WSDrJG4p&sig=Cg0ArKJSzETM0HRkLKm2EAE&id=lidar2&mcvt=1024&p=337,987,588,1288&mtos=1024,1024,1024,1024,1024&tos=1024,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1406321409&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692929408970&rpt=381&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=1154&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1102&an=1102&gi=1&gf=1102&gg=1102&ix=1102&ic=1102&ez=1&ck=1102&kw=895&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1102&bx=1102&ci=1102&jz=895&dj=1&aa=0&ad=958&cn=958&gk=958&gl=958&ik=958&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=895&cd=895&ah=895&am=895&xd=00&rf=0&re=1&ft=958&fv=958&fw=958&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=430369851&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/ Frame 2142 209 KB
65 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/21812a9c/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Fri, 25 Aug 2023 01:22:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2855
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66086
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 01:51:20 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 24 Aug 2024 01:22:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=1155&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1102&an=1102&gi=1&gf=1102&gg=1102&ix=1102&ic=1102&ez=1&ck=1102&kw=895&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1102&bx=1102&ci=1102&jz=895&dj=1&aa=0&ad=958&cn=958&gk=958&gl=958&ik=958&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=895&cd=895&ah=895&am=895&xd=00&rf=0&re=1&ft=958&fv=958&fw=958&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=178172131&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E647 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqTxugQ3oZKuwC_OTjuwPq_SCMAAAAAA4AeAEAg&bg=!VValVhnNAAYkVgHwBFY7ADQBe5WfOP8T-hJpce6lMYBODNn9jzlXoIVUSyprC7ffQGQBJmWWP25fHvQ0XEo11Lr0h2pfAgAAAWVSAAAABmgBBwoArjOPBvo3SGgs9jv8PN2KE-36nwQdKaq0pdlohnlXk02-inbceB_mxM08wXQNm3wr4NY859Zm_lW9g8nH9TkoSFXHKaW9CA8kM8WMTStTVVVbIU9IzCZxehrwQHKP0zQIDBRfh91a7daGjnoPl_bV_WqLDXZEbQFtsAHARfX2zx5SbNtelpO_vwly3D7NUXgOfPOu0RZ2pfxUc19IhwN3BksiX-xWPCUNs8rw2FTGDpkC0bZnpatdikKlYiF4HlU08XakO0id2fsKWFCQWBP4AV9Dviv4jOCoSWU6YnMCRjKk1DztJ8aps5aHGt0hox51pn_RnQCih0N2VzJ0zPjhdHhoGBVN7dPBtTalV6rJqtWsyq93Y-Qio1iuIcgCaRjrxxIL6nX8JUL9QfVNu6EO03t2OqPZDP7XsZqaBhWMUVkOR6AP-XjWCX5nfTZurU-oGuMIZqq9WH7w_-17AzAsI2bPtlJmVg5ukcukmqxxH65GkN67jB6MiODTHATV2y7SLzCZ55qEd506V1AaIuo60QqZ6ftOtqfP4sClvCVXOmQuf9MhX0UZC6LRhx1sr0yySLG8mI48TGfcereqmm33JrTGR4xVPgrLOBWDvj_UxEDodSmHovgBO4W4Z41zQNTThVfE4e23GRkkN6OP5RPa_aCXmomLhqxmkc3ElzLYWiQCpc4Ia9wuWG01ekmwCY5SYVhWDXs5KvlBcy1tabeoqZxjIu8pdL-lA6Jqi4mUqGQwHSNO1dafkE-qIxW2vM81lEExfEAvnDsk5Y1Ae7Yx_QoQ9dBioyxKc9ae3TW3-m30_agC5kAioiI2DfNrW9UIqtbLJVL1kSiyK3KkkqLCGyyzJgItONX2K6CP9FTRF5S1-sryqQAy8B74jL1MfJPWLEDEmKwYq6BPPu-ai6e4W7FLJVd18Y4B1uM84eaGpdC_rOl9nLQGGOzPQLgv4o7RS6kpwgLjODp4IyFdD06VZ01cuAdXYiLkln6K6rDtZYoI8U6PwVjbp_GH6bK3vX5dVZR4G1hq68NnGs-xDqww2cqzj5cvqrpf14Px3MtSvbu6N_Ar3qMhTQRYN3K7Tzc9Gci8ZnRQpiAWj_82_STWUmtthR2CuUV7u8J67ICNXJnTk4YNfCrLaKbfLGH0TSOBmlTHOizXNM4Xrwqu5KAa8OVOILsYN7dSZ9v-zBmk1Cidd_4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=1012&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1006&an=1&gi=1&gf=1006&gg=1&ix=1006&ic=1006&ez=1&ck=1006&kw=759&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1006&bx=1&ci=1006&jz=759&dj=1&aa=0&ad=869&cn=0&gk=869&gl=0&ik=869&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=759&cd=2&ah=759&am=2&xd=00&rf=0&re=1&ft=869&fv=0&fw=869&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=590742609&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=1012&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1006&an=1006&gi=1&gf=1006&gg=1006&ix=1006&ic=1006&ez=1&ck=1006&kw=759&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1006&bx=1006&ci=1006&jz=759&dj=1&aa=0&ad=869&cn=869&gk=869&gl=869&ik=869&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=759&cd=759&ah=759&am=759&xd=00&rf=0&re=1&ft=869&fv=869&fw=869&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1881028708&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=1013&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1006&an=1006&gi=1&gf=1006&gg=1006&ix=1006&ic=1006&ez=1&ck=1006&kw=759&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1006&bx=1006&ci=1006&jz=759&dj=1&aa=0&ad=869&cn=869&gk=869&gl=869&ik=869&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=759&cd=759&ah=759&am=759&xd=00&rf=0&re=1&ft=869&fv=869&fw=869&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1985676380&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409317&de=322773208719&cu=1692929409317&m=1072&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=11&an=0&gf=11&gg=0&ix=11&ic=11&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=11&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=22&cd=0&ah=22&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=13_hnd95doknq000000hnd95doknq000000hnd&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=651849305&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=1364&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1312&an=1102&gi=1&gf=1312&gg=1102&ix=1312&ic=1312&ez=1&ck=1102&kw=895&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1312&bx=1102&ci=1102&jz=895&dj=1&aa=1&ad=1168&cn=958&gn=1&gk=1168&gl=958&ik=1168&co=1168&cp=1131&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1131&cd=895&ah=1131&am=895&xd=00&rf=0&re=1&ft=1168&fv=958&fw=958&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=179487721&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=1218&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1212&an=1006&gi=1&gf=1212&gg=1006&ix=1212&ic=1212&ez=1&ck=1006&kw=759&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1212&bx=1006&ci=1006&jz=759&dj=1&aa=1&ad=1075&cn=869&gn=1&gk=1075&gl=869&ik=1075&co=1075&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1007&cd=759&ah=1007&am=759&xd=00&rf=0&re=1&ft=1075&fv=869&fw=869&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1278667568&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:10 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AE4 42 B
64 B 45ms
45ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoZhNlsdNZBOeYTYsd3jjAJZr1rd7B1LRotoKAftDKefJHq9wIV0jVZfIPhjeKGFEW9ZCBKMre4hM_5ceSJIu99cH7trQ492Ja9SQ6rx-OHHnVSJ8e7iS5Nnbk5xnR&sig=Cg0ArKJSzCBT5Icixz9rEAE&id=lidar2&mcvt=1001&p=0,0,1200,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2734278250&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692929408693&rpt=955&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308220101&jk=118634925123366&bg=!hYalhsnNAAYkVgHwBFY7ADQBe5WfOEXviGrGn1Ia6jZ8cNvfrL5z5zE05VgFJIX_gxDJqMUdDOPs6v_1zGQg9JjY_XjRAgAAAc5SAAAADGgBB5kCyWuLjsRxC-umxe9FaQmdGx6UPoDzQHxaByT3iNrnxkrPul0sHfy0HLnWq50kF9bX9XI7YAOMjc_zZ4eyb0vsUynBVEUh8JBK4GiGx8FMU4Z-CJn27XnuzfYKhGkVT3qI1U4uG9KQchHO7uFkDyqy7qOQOTsNiQkBCJ3X3-GgzmNipvYQeNjghOMHXSQmOm9EiydvjKBOM_KHeVOkaCVlgjmwk3M2DR-QlSOhtSb38SmCDPJK8ix6yKT39cvS57FCyXMI3sfcNGxaBT7DOCapfd6bn58wgP1-v7JJ9q-jG22ATfgPokP0FTFXurWBg-Zq2x6cZaE82oGZq5GoZpbMcuu1vyXajsK-uHTYNUrWW-_4lxTbNvi2c5qKQ6vb-yn4_uG4Gt4EP9Vndbf42rH2oDjiw2GUVjYJrwCIoHCTUw0adtR-K-v_-brYeqkDDKk38u3Uqo0xuBAHanP88msjcXSqmkipF9KocEOYeDkbBe_1ECbyQdZFlcpJirQDbGvsGrieK3V6YLB9MrQX9Kb3CUuCkXshzylp621dZPsAm57TLFh_v5VvR_NYgXwM14l6TRTUE85_SXLbW-Ks0p5Z2NUJwpFvxZWyOXxtLYUWakdugjDs5T_hDYpxP6FUsj4nZeFUvdZP6d03AessVr_S72VmpoKJl8SD101obAzuS9xiaIGyb7zRYuqD7gwjfrBYLEJCFdZPiW1m6PJk6xN6DBPn7YYD4-VSUsyYSPUDtzePgTHd_aFj-5iQg-zWknd1bpNcdtt5dSlPi13WcqA34-2cWGWAePvV9-7NF3ld3aAOFRIyVO3U4cV4JZCi2D3R1IYYZXKrf_7Lz51mxsYlXx9FaB0cFjgYiRQpT0nP5c8VrAcGZNyRbpDgN3qYFYIEYNQ2iQT6y9Fy0du0jw86hExZ1UiZty1CE7IIvyOOPRhUjrV1DVWRu-96
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8AE4 42 B
64 B 44ms
43ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuCbJUEFzBYIYrbUliyB__-vomc-E7ikbDlravZ0wjsWPbgVhZhZR9NZ6TlbcGdpJrOiJ35-j41bnZrzsR9xKl_XhRTHx6awMvzjkHZ3EC_T4&sig=Cg0ArKJSzIAdCV_v4HYREAE&id=lidar2&mcvt=1016&p=358,480,838,1120&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230823&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=32&adk=635667956&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692929408693&rpt=959&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=480&w=640&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=480&gp=358&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409477&de=174035697695&cu=1692929409477&m=1704&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1081&an=2&gi=1&gf=1081&gg=2&ix=1081&ic=1081&ez=1&ck=1081&kw=848&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=2&ci=1081&jz=848&dj=1&aa=0&ad=963&cn=0&gk=963&gl=0&ik=963&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=848&cd=3&ah=848&am=3&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=DCM%20ins&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1139169927&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 10ms
9ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=480&w=640&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=480&gp=358&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409477&de=174035697695&cu=1692929409477&m=1705&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1081&an=1081&gi=1&gf=1081&gg=1081&ix=1081&ic=1081&ez=1&ck=1081&kw=848&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=1081&ci=1081&jz=848&dj=1&aa=0&ad=963&cn=963&gk=963&gl=963&ik=963&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=848&cd=848&ah=848&am=848&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=DCM%20ins&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=235244294&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=480&w=640&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=480&gp=358&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409477&de=174035697695&cu=1692929409477&m=1706&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1081&an=1081&gi=1&gf=1081&gg=1081&ix=1081&ic=1081&ez=1&ck=1081&kw=848&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1081&bx=1081&ci=1081&jz=848&dj=1&aa=0&ad=963&cn=963&gk=963&gl=963&ik=963&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=848&cd=848&ah=848&am=848&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=DCM%20ins&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1882908602&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNjkyOTI5NDA5eGQ1ODBiYzIzMDBmMDgweDAzNDkwNTc4IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiI4ODA5NTQ4OTIzMzcyMzYxIiwiaW5kZXgiOjcsImNsaWVudFRpbWVzdGFtcCI6MTY5MjkyOTQxMS4zMTgsIm5hbWUiOiJ2aWV3YWJsZTUwMSIsImNyaXRlcmlvbiI6eyJuYW1lIjoiNTAvMSIsInJhdGlvIjowLjUsInRpbWUiOjEwMDB9fV19?crc32c=2384733712
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.147.76.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-147-76-157.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Fri, 25 Aug 2023 02:10:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 77ms
77ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=1&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=480&w=640&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=480&gp=358&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409477&de=174035697695&cu=1692929409477&m=1918&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=358&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1296&an=1081&gi=1&gf=1296&gg=1081&ix=1296&ic=1296&ez=1&ck=1081&kw=848&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1296&bx=1081&ci=1081&jz=848&dj=1&aa=1&ad=1178&cn=963&gn=1&gk=1178&gl=963&ik=1178&co=1178&cp=1082&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1082&cd=848&ah=1082&am=848&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=31911747%3A3238984077%3A6358972703%3A138443124438&bo=22316126855&bp=22339890152&bd=welcome_v&zMoatPS=welcome_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=1x1&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-welcome&hv=DCM%20ins&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=2027700981&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409317&de=322773208719&cu=1692929409317&m=2084&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1024&an=11&gi=1&gf=1024&gg=11&ix=1024&ic=1024&ez=1&ck=1024&kw=823&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1024&bx=11&ci=1024&jz=823&dj=1&aa=0&ad=924&cn=0&gk=924&gl=0&ik=924&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=22&ah=823&am=22&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=13_hnd95doknq000000hnd95doknq000000hnd&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1608849938&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 10ms
10ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409317&de=322773208719&cu=1692929409317&m=2086&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1024&an=1024&gi=1&gf=1024&gg=1024&ix=1024&ic=1024&ez=1&ck=1024&kw=823&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1024&bx=1024&ci=1024&jz=823&dj=1&aa=0&ad=924&cn=924&gk=924&gl=924&ik=924&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=823&ah=823&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=13_hnd95doknq000000hnd95doknq000000hnd&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=885867845&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409317&de=322773208719&cu=1692929409317&m=2087&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1024&an=1024&gi=1&gf=1024&gg=1024&ix=1024&ic=1024&ez=1&ck=1024&kw=823&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1024&bx=1024&ci=1024&jz=823&dj=1&aa=0&ad=924&cn=924&gk=924&gl=924&ik=924&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=823&cd=823&ah=823&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=13_hnd95doknq000000hnd95doknq000000hnd&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1764823173&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 12ms
11ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=3&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409317&de=322773208719&cu=1692929409317&m=2295&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=1235&an=1024&gi=1&gf=1235&gg=1024&ix=1235&ic=1235&ez=1&ck=1024&kw=823&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1235&bx=1024&ci=1024&jz=823&dj=1&aa=1&ad=1135&cn=924&gn=1&gk=1135&gl=924&ik=1135&co=1135&cp=1035&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1035&cd=823&ah=1035&am=823&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138368021044&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=13_hnd95doknq000000hnd95doknq000000hnd&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=504468723&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:11 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 20ms
19ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409180&de=509805140611&cu=1692929409180&m=5113&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=5061&an=1312&gi=1&gf=5061&gg=1312&ix=5061&ic=5061&ez=1&ck=1102&kw=895&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5061&bx=1312&ci=1102&jz=895&dj=1&aa=1&ad=4917&cn=1168&gn=1&gk=4917&gl=1168&ik=4917&co=1168&cp=1131&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4889&cd=1131&ah=4889&am=1131&xd=00&rf=0&re=1&ft=4917&fv=1168&fw=958&wb=2&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138409377623&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=div-gpt-ad-leaderboard&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=1457371540&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
8ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=251&w=301&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409358&de=637204561446&cu=1692929409358&m=5174&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=1&ag=5168&an=1212&gi=1&gf=5168&gg=1212&ix=5168&ic=5168&ez=1&ck=1006&kw=759&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5168&bx=1212&ci=1006&jz=759&dj=1&aa=1&ad=5031&cn=1075&gn=1&gk=5031&gl=1075&ik=5031&co=1075&cp=1007&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4963&cd=1007&ah=4963&am=1007&xd=00&rf=0&re=1&ft=4928&fv=1075&fw=869&wb=2&cl=0&at=0&d=5004764576%3A3099799181%3A6140421032%3A138413429909&bo=22316126855&bp=22339890152&bd=300_2v&zMoatPS=300_2v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=301x251&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=14_srjuroyxzq000000srjuroyxzq000000srj&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=170387707&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:14 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 8ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=11&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BG%24%3D!!tFQ%5Bh3Mefz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-qzU31%2B7Cex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-Fe6rgEk%2F07YACQ%3D%3D&sc=1&os=1-ew%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=299&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&id=1&ii=4&f=0&j=&t=1692929409324&de=684799345214&cu=1692929409324&m=5400&ar=45436f5f584-clean&iw=e42017d&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4195&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A1269%3A1844%3A3034%3A1293&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=0&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5189&cd=3&ah=5189&am=3&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=5247912870%3A3231394965%3A6343976295%3A138441419009&bo=22316126855&bp=22339890152&bd=300_1v_article&zMoatPS=300_1v_article&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=299x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&zMoatDev=Desktop&zMoatDfpSlotId=9_e36x8kurhfi00000e36x8kurhfi00000e36&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=205170&na=2090200449&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Fri, 25 Aug 2023 02:10:14 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 25 Aug 2023 02:10:14 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 16:25:05	Name: _gcl_au Value: 1.1.1800624964.1692929407
.js.ubembed.com/	1970-01-20 14:15:31	Name: __cf_bm Value: 8.mEzxmd4_symdrlZ5fkrj.gHmFqCBYCOF34u9vBH3A-1692929407-0-Acx0o6p06NMEHZnIdKLx0R3X0j/+6XMNrZZx8oPOnaXtnQ09onEnTqJkz3Loq06V0tNJKUBA+gyRhLKBdrldsms=
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: knRercG2pGs
.youtube.com/	1970-01-20 18:34:41	Name: VISITOR_INFO1_LIVE Value: H2OWJM9gksY
.darkreading.com/	1970-01-20 18:34:41	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Fri+Aug+25+2023+04%3A10%3A07+GMT%2B0200+(Central+European+Summer+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=921589e2-99ef-43b1-b14c-f31fab42509f&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Febay-users-russian-telekopye-telegram-phishing-bot&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-20 14:16:55	Name: _gid Value: GA1.2.2035785418.1692929407
.darkreading.com/	1970-01-20 14:15:29	Name: _gat_UA-135180592-2 Value: 1
.darkreading.com/	1970-01-20 23:51:29	Name: _ga_1X1EHQ3PFR Value: GS1.1.1692929407.1.0.1692929407.60.0.0
.darkreading.com/	1970-01-20 14:15:31	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-20 23:51:29	Name: _sp_id.94c4 Value: 04670477-51d3-472b-b00c-a0f5adfcacf9.1692929407.1.1692929407.1692929407.32c37ce5-ea38-474c-b0d4-2ddf1cb02803
.darkreading.com/	1970-01-20 23:44:17	Name: _cb Value: K0gRYD-EQLJC6zkqj
.darkreading.com/	1970-01-20 23:44:17	Name: _chartbeat2 Value: .1692929407432.1692929407432.1.BEIJFbCtbO-PD4-JTjCP2EodBNs4IM.1
.darkreading.com/	1970-01-20 14:15:31	Name: _cb_svref Value: null
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: 9b8d621bda8c059cb53b1be5a80752115102887d3850157efa1f922d3fdc6e46%7Cdb5c7696d8b93bc57645b0373a3e998751f9199167b93192117ea3d54875d526
.darkreading.com/	1970-01-20 23:51:29	Name: __td_signed Value: true
.darkreading.com/	1970-01-20 23:51:29	Name: _td Value: 3a1885a7-75e6-47fe-be32-6c3eb9714bdc
.darkreading.com/	1970-01-20 23:01:05	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjRkMzZhMDlhLTczZGItNWY2Ni1hZjlkLThhNjE3ZGY2ZmZjNSIsImNyZWF0ZWQiOjE2OTI5Mjk0MDc0OTQsImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 14:15:31	Name: _hjFirstSeen Value: 1
.darkreading.com/	1970-01-20 14:15:29	Name: _hjIncludedInSessionSample_2610568 Value: 0
.darkreading.com/	1970-01-20 14:15:31	Name: _hjSession_2610568 Value: eyJpZCI6IjY1Mjg2ZTIwLTJkNWQtNGFjMy05YjJhLWRiMWVmMWY0YTkzMCIsImNyZWF0ZWQiOjE2OTI5Mjk0MDc1MDYsImluU2FtcGxlIjpmYWxzZX0=
.darkreading.com/	1970-01-20 14:15:31	Name: _hjAbsoluteSessionInProgress Value: 1
.in.treasuredata.com/	1970-01-20 23:51:29	Name: _td_global Value: b7eae344-1c76-48e4-869e-09c6f3d811c5
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
www.darkreading.com/	1970-01-20 14:16:55	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.adnxs.com/	1970-01-20 16:25:05	Name: uuid2 Value: 2402797418881220035
.darkreading.com/	1970-01-20 23:01:05	Name: sp Value: 3fcaa9af-754f-4fbd-ae08-d2a25eb921fd
.darkreading.com/	1969-12-31 23:59:59	Name: at_check Value: true
.darkreading.com/	1970-01-20 23:47:10	Name: ELOQUA Value: GUID=3C26829D3B1E47B58C6AA5C5051C0EE6
.darkreading.com/	1970-01-20 23:51:29	Name: mbox Value: session#8ce3629b1d274d02bf4de7cafbd4917b#1692931268\|PC#8ce3629b1d274d02bf4de7cafbd4917b.37_0#1756174208
.darkreading.com/	1970-01-20 14:15:31	Name: mboxEdgeCluster Value: 37
.dpmsrv.com/	1970-01-20 23:51:29	Name: dpm_pxl Value: 42cea0fd75e07924d10ab7b93dbc88b62bf80939
.dpmsrv.com/	1970-01-20 23:51:29	Name: dpm_pxl_aid Value: 2402797418881220035
www.darkreading.com/	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.doubleclick.net/	1970-01-20 23:37:05	Name: IDE Value: AHWqTUleNesoDgdZ3XyckstM9SsrNqjbFwZFY0lzgbldcIa_E75ut5GsTNetYQEYzf0
.darkreading.com/	1970-01-20 23:51:29	Name: _ga Value: GA1.2.1183755547.1692929407
.darkreading.com/	1970-01-20 23:37:05	Name: __gads Value: ID=b14dab0d52dd1618:T=1692929408:RT=1692929408:S=ALNI_MbUI3mrgffxyLfCRB2ppb0JIXYNPQ
.darkreading.com/	1970-01-20 23:37:05	Name: __gpi Value: UID=00000c67efa59a88:T=1692929408:RT=1692929408:S=ALNI_MZVbxfbkWwkyoUUWQ4ZEWWeSYXKjA
.doubleclick.net/	1970-01-20 18:34:41	Name: APC Value: AfxxVi71_YEb8exMYV7OTqkG55q5CHMG6kSenRJhl0TZa-J0R-4WJw
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 6.013

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=2402797418881220035 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v96.js(Line 77) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://www.darkreading.com/404 Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a.teads.tv
ad.doubleclick.net
ads.celtra.com
assets.ubembed.com
bam.eu01.nr-data.net
beta.darkreading.com
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
e3e5d5bbd72d25422126f89c6b9e3df3.safeframe.googlesyndication.com
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.gstatic.com
geolocation.onetrust.com
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
iirexhibitionslimite.tt.omtrdc.net
img.en25.com
in.ml314.com
js-agent.newrelic.com
lh3.googleusercontent.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
s.dpmsrv.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
t.teads.tv
tpc.googlesyndication.com
track.celtra.com
trk.darkreading.com
vc.hotjar.io
www.darkreading.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
z.moatads.com
108.138.17.27
13.32.99.18
13.32.99.47
13.32.99.66
130.162.160.243
142.250.181.226
142.250.186.66
151.101.130.137
151.101.194.137
18.66.112.110
18.66.112.15
18.66.97.10
184.25.216.9
184.30.17.133
185.221.87.23
192.29.69.231
2.18.161.51
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1b
216.58.206.38
23.218.209.56
2600:9000:2057:6c00:18:1fcd:353:c61
2606:4700:4400::6812:2089
2606:4700::6810:3965
2606:4700::6811:180e
2606:4700::6812:6d2f
2606:4700::6812:6e2f
2606:4700::6812:82ec
2606:4700::6812:b96
2606:4700::6812:bcf
2a00:1450:4001:806::2002
2a00:1450:4001:808::2006
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2004
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9d
3.210.135.174
3.65.152.79
34.111.234.236
35.244.174.68
37.252.172.123
52.222.236.74
52.71.153.141
52.72.72.95
54.147.76.157
54.159.165.205
66.235.152.152
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
02835066969199e9924f1332f7172a5d7e552f023a20c3d8ba03bb6c51ce5be5
03b6f9934a86e8d5472f0b2449d99983b33aceba85871c5ac10ff79a70afab97
05d30a88a22e25d81e8ef36973a231bb61672e045451d6c26be53c714a01f13b
061873fb71d654fc87404592fbb9cd1665e8882c1ab3423f92ddc61f940be783
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0b2118292ee7ab110dd982a8e94f4102ab76a6419c60e2798a07b82736ff1c50
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d4af8b84c14b0d65081429218356184c244068d253bc06e1f7f1fa20e726e24
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
118804ffb57d9794c6dcb47c2cf07d9468e29c024e34d462517f24b74061300d
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
120be5c1f0c3158ea3f36d14321d28e8bad8f3c6fcf6eadd240020c1836eff98
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
1418c4469b7215d7c7f537188a75b842b1909441e759d1e60975e7437fb5eb95
1525351d3893be6380f4274e46148720c51d967e58b4b3fdd942a77c40add3cb
15f5cea00dd2b3f547cad4e67f478474a9ce7bd89959f482b655cdff2fbb356d
165c8105026d179e731f5a2bc08d30e539a05451dc5a182dd706edd930bb884b
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
1848ed0b2a54ed644ee182f2e2c012164080f1be7c475041f8d0a2ebe456c89f
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1ace1b17e77ec3828eda87eb3fea3671ce2a0f706426fbd158873546c4f9366e
1ce70c645f6b6846f8672e45bcd296846e0ba2e56add026bfdda616c11646e24
1d5dbe8cdb08bef7c25ce406c6ba6ef5bf15f20f0af59f65a3536c2c7aba4817
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2129fef407f232eea071e42313c7fd01030b3fc09854677a42949798b65293bb
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
23f95a90d6e6ba09a92bd4eae99823b0a6b0137a9abe10e3c050c062fb15efe4
2565784a204b5c015d560b41607858715b80d3b970bbb465e56f5b410f7b6d95
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
289d4d95813794d4a20d93895934765e1cf259d0f5dc6b3d50aafa437ecb98a4
2936fe13574318d83664642a376fa2fb1701a6b54af72ba96c3ee0ea3e975814
2b8322bfccaa5c0aa4a37e06b916b11d517b7a2974ce3cd810ea57ba3a1ffd68
2c3089793b0b3f53b9dbf81f596bcb1fe538686b600959b7e05aeb944c56c028
2f27b92b9b966ffdd166be51401f836aa3aa6dac8cdd60736582a14a83f8538f
2f8650c7f614694fbf353e3690b981a651ce8aa79ee32c82f21ef303eeeb5421
2fbdba005b08ea31e6904b8f45e3e96b2bf3ebc13d9f006cea0848e1294ca579
2fc9226c1dac21a7182d442ae225403735a06132fa0d3339f9b691161f226870
308e134d9a0df8031a894aa2bb6e70515cb9db2403e3e568e7554ae69f474c96
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3267f4f06fbc7df05b4a6c98995d133a44fb51abb85f7097783e69045f2d5b60
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
33aeb8aa4c8ccd807fd757b925e11b25d2327a99e17f4500c475dd8495889672
35396bc1fe0457ca063caaf18161f4d252b66dda7bdf4dc83bd7291c5a763b5a
36069dae705692548e4a2c2d3c504cea29cf7756771c054130f14e48f3492b58
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
429f7e0fe891676debcf572bce666bf67cabfd82e6774895d4800283a05df589
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4c662be26daa544e07f7170870e306427b9fcf0d9f30e6f602c7fb67005bfda3
4e3544834b91e44441b532b1543211033bbf7dfdb06b1c540c6539ce2f04c806
4e668c3c5ead2707062c31387d0b2fc6883cbff5895585e08d923f3759a33140
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54b202388597293d84e28a9534ed82dd4d180ec2d715d1fd9abb3f3615fa463e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4d362579276afb8524a825c6e998ebebf2fe7af36b454c71291c7cebfc447
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5cc9703f8d66c26c64e8ce6557012353adf1ce29a935ca3951b4a909b5398a91
5dedb9847c01d696eaa98918113cce86cc45604ff93b8348268ee763a0e9da3e
5e3e377390273cdcadaaa15956be20643d89765dfe7b62c363e9442a68bd4271
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d109f5609e0ace3cfe98efa8b6a5714c85100b2ec5c0ea798acf171aa22f88
6385276858ff10f341ffcee98ab1377dc9462fa771873a6aa2798f954ed79432
67a5c5246d878c5d5687d1ff9a986a79fbf00e754d44e5cf24bf0ea8f4aae1b8
6ab7ecee17ecf6acc17b335fedd619d52c02e3bf35eddff0da85a04888bb33b6
6ac768d479fd8627d59a5298f7175cf51f4ace4eea8feda66a04b1e32244d6ed
6b89c9083f4d3f663f120a0922b278de4522e4237e6e1414bc78ae1c78f93b4c
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
6e00d3935f6a747eedf83365b8b957f71ec570e9ac018426c07f59e7e1a32126
6e504d72d0b8fe63b71774d746594a7d13607ee5313241cc546a1bcd47909677
720b074e114854f5c2b347ee013066f2ff6e8a1da750d605c8df6936b997eb60
72f941a30af256bb9474f28d6a92af6a67d9d177f530c0307a3c9fda73e05c56
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
7d088391c46d36f7145e754bd398129f1c1f88f1e24b81e0e1ac83516e2fdcb8
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
821df27095f50de71ad33ed457d7b74bb8327b31701b7e36933370a3194017db
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
843dea1d022be79c95643821b1140cc2d081094ee77ccf7a1f637a1ad8fca33f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
87cc7e7b8435cb32e1ca3fa2f59d35ff123196ab4b44cba5fae25cc6765f760f
896cb276b07f2b3b6df4141e5b0c9ee00c5ee73c9c4604bc2cce5ab45b9bb842
8c792dc2527753d5f758a812c5de2225dba619ecd83b05713ce68b0db858fa28
8d917638a6ea98eb321e6c62b63e6d76a1d1a5bf8e230f83b32dc54f4ecb8ed9
8dee9248f37df7818591a6d2ac49ea86ce2c98a0208dd9f4c1f851c401206319
8e381ff9be95839ab9f6e0c2a216cf07fba511a408833deb134c309f7149c684
9018943a1eabee4bcc9243110242c787c2baa6ef113597eccadc0157af070cbc
9250f0b586e89674ec647d8dfb6fe7aedcb588be13ebb6aeb1286efa9d3cfb39
92cb5a6a74d10d7aec19253d6e85d0e41838417e0f72021917dc950737f0b027
92e2472635cbca31d4b0694c1248618677a5279d6e841b23191c3d5a76ac09f4
9dddb939f2fb146a699ea1cf0efd984d4b8f429aa49d70246bff358fdbdf7fe7
9e04433a74ec26a9b149ee31234bc5a607d43e93ff3e314107c52c4a0e495308
a0658400e4b2d850ff1fac9715a7d2ce74d32a8df2f32696de3b2f590c53d4cf
aa7bd280bd6efd2461f03c075e72feae0dce61bf1264d6ef7416c2ddfddcfde2
aa9dcfbee8d3442fc6d2a1aa666a4c4d11219d88d7be1ed19811a1ce8a28ff90
ab36b8356d4b7e3e3591b161427e6fb18512a2ccc8a787f8cc03294cf2f30478
aba6df9a9fb95595b972a470f865ee728e078fe9af8f8dfcd7bbf5fa529eefdc
aca018950c7928f948c38d3ca0a66f7854f7ced4b970de8d66547deab295aeef
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aec960428cdcac5bd30f8d1223dd9e91e87efc13beb5d15cdc77c1bb851d3dc1
af649b6e2d250069f4e035013d43a4e147479e05c620c800d4dae35124a4ff24
b25081dfbd7a0833652f6a1a9cd147231733252c41ea36c1ee3e9ca9496ba542
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b315181f1047d35cc29f1b83c9c31ea493c5006f21930ba0a5e790a80ca2b7f2
b3e4e745f23b97d4279ece0602fa507729dfc0b7350deea0d953370abf41eafd
b59201919b40adedf497e032d9f45a4385fe10f07755c8926192f9c6d59d89fe
b97b49ee323dbccf9a13f15fa3d93188d01681652d52b1ed40ad00c32dfb0513
bf0c9e96d42b8f925c3efed592638eb80ec787fdf822afc6267c76527a6cc012
bf9f864b3c9417c83c4d67283d03fc9f4f6b2e3ddee5ef3f9c26bd199f4003a7
c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13
c0fb926544e5a81accc7b91c35cbdbeb8aaad37cb319a531c1335bc82059eb79
c19345a03fed44d267abbe2f427bdcd261aa86a447320f15f3eef8e121690794
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c870bc0b6e52de133e3273be305bda03afd6aba5d5064c034f2a50a3af3edc01
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
c9d847b693e7d2db02020682f5eaa7754143ae9e9ca2e3e9541ef9b7f56d4534
c9e40e17ef48acdd8fbbd4ab434adcd35602a939c19816f297baaa91e675a067
cb4787d6337aa1e504d8d2dc49629d5b46a49c30a6da6f4bb964e8875dd4bc43
cde0ba6abad1fe30f3a310048c2294b25e8cb560ab5a68902b146ad228bf9bfa
ced4850c7787d0a3db0508f45997c2721376600c75d1f6968a56993e4ee15913
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cef42ed454fbe16b0cb3244ac836ec077602f770c0777c669351ca801c218e56
cf3119fdbf0f06025ca1ee2409e2e10a29785c6184c927084c8da22fc0db2e79
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10a2d03c9fb4943f449b97d333b8d22990200afa70d13d5c1c23ad4d783200c
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d41ec139c7a9a1d5c36fbb2da10e14d5a3f966fce56c9523aad1c60184d7abf2
d72c9fb59846aff6405d2973c81bd8da823493502fab893e026a736a1ba01838
d8f2a6eb1c5b845fbc8ff1d6e3b48b9429d8e320e3925144bc7a07795ab534ad
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
ddeea69d5116852145775870dab4d86b4e909e7a02c03465efaa67d5b0f744be
de06fea245b0036d21764fcf2b9a4791c0a0f1e927e3916c7d779cb44a1977bd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e168f400859a54ae28705c297c4d347eacbbcfee972a38744b8f9d890022a898
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e54192a6793e65218e35bf9dae67dda00793dea0507b93c11fc3eaf412225c03
e5836b0f5b9092c9f810ad6ccd9db01c1fcd57889e8222f558d9c2b59b082d7c
e77656e983d0c5c4cfdb2c23f000338bc9310021e1b97d4fba74af370e1ae280
e9d0cab69a4c71df7a16b6ee6f99ea474423689c8eadd7aa62ce9cef3a48c395
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11605d2a59c8a289018cab603080a47f1d5d46373eb1702584a2aa8e01cea1e
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f2623da68a8260d76a3fe78578ba3f96342ea1c1b4e5bf05f15bcdd3d4e1f822
f468379c4fd0e6f34d026ca286e4f4ac453122cf659caf155a2264450aa2dd9a
f84daf0174e2c6f686b5864ff7dafc119dae3c2ca88f213dcbfc3f70b2b39571
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fb1589f0619e41e0fa1d0770121be244be9fa07d5a6c5938d5988f9726927307
fb657972079f36258237fd79c9b7cf160c82943f31fe5ff1b0e10be49e27be5b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fc57fb7726d7a86c273bebb59f12bc63a69ea93c695f971f73bb035f9bbe928b
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
fdc36a511e130ef7cf4600675c6a3c8227d80d6c2a028c2ad3c59f2aed513e68

www.darkreading.com Open in urlscan Pro 2606:4700::6812:6e2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

273 Requests

98 %HTTPS

46 %IPv6

38 Domains

58 Subdomains

55 IPs

7 Countries

6716 kBTransfer

14755 kBSize

40 Cookies

46 Outgoing links

Redirected requests

273 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Screenshot
Live screenshot

Full Image

273
Requests

98 %
HTTPS

46 %
IPv6

38
Domains

58
Subdomains

55
IPs

7
Countries

6716 kB
Transfer

14755 kB
Size

40
Cookies

273 HTTP transactions
10 data transactions