www.darkreading.com Open in urlscan Pro
104.17.118.99 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-pla...
Submission: On October 01 via manual (October 1st 2021, 10:39:50 pm UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 32 IPs in 5 countries across 21 domains to perform 98 HTTP transactions. The main IP is 104.17.118.99, located in and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 9th 2021. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
28	104.17.118.99 104.17.118.99	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.21.66.12 104.21.66.12	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
11	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
1	104.16.95.65 104.16.95.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	142.250.185.168 142.250.185.168	15169 (GOOGLE) (GOOGLE)
2	142.250.185.238 142.250.185.238	15169 (GOOGLE) (GOOGLE)
1	13.224.190.164 13.224.190.164	16509 (AMAZON-02) (AMAZON-02)
1	151.101.1.131 151.101.1.131	54113 (FASTLY) (FASTLY)
1	104.111.229.66 104.111.229.66	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.193.120 13.224.193.120	16509 (AMAZON-02) (AMAZON-02)
2	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
1	13.225.87.62 13.225.87.62	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.126 13.224.193.126	16509 (AMAZON-02) (AMAZON-02)
2	13.224.193.116 13.224.193.116	16509 (AMAZON-02) (AMAZON-02)
1	52.45.61.27 52.45.61.27	14618 (AMAZON-AES) (AMAZON-AES)
1 2	142.0.173.134 142.0.173.134	7160 (NETDYNAMICS) (NETDYNAMICS)
1	13.224.193.122 13.224.193.122	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.223.38 185.33.223.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	3.224.4.25 3.224.4.25	14618 (AMAZON-AES) (AMAZON-AES)
1	74.125.140.154 74.125.140.154	15169 (GOOGLE) (GOOGLE)
1	99.81.27.250 99.81.27.250	16509 (AMAZON-02) (AMAZON-02)
2	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
1	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	142.250.185.193 142.250.185.193	15169 (GOOGLE) (GOOGLE)
4	13.224.193.64 13.224.193.64	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	142.250.184.193 142.250.184.193	15169 (GOOGLE) (GOOGLE)
98	32

28 104.17.118.99 (None, )

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beta.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.66.12 (None, )

ASN13335 (CLOUDFLARENET, US)

dsimg.ubm-us.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.95.65 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.190.164 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-190-164.fra2.r.cloudfront.net

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.131 (United States)

ASN54113 (FASTLY, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.229.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-229-66.deploy.static.akamaitechnologies.com

img.en25.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-120.fra2.r.cloudfront.net

s.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-62.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-126.fra2.r.cloudfront.net

cdn.bibblio.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.61.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-61-27.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.0.173.134 (United States) 1 redirects

ASN7160 (NETDYNAMICS, US)

trk.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.38 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.4.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-4-25.compute-1.amazonaws.com

a.dpmsrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.140.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f154.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.27.250 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f1.1e100.net

a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.224.193.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-64.fra2.r.cloudfront.net

api.bibblio.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	darkreading.com 1 redirects www.darkreading.com beta.darkreading.com trk.darkreading.com	591 KB
17	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	217 KB
11	contentstack.com eu-images.contentstack.com	62 KB
8	googlesyndication.com a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	195 KB
6	bibblio.org cdn.bibblio.org api.bibblio.org	21 KB
4	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com in.hotjar.com	63 KB
3	google.com www.google.com adservice.google.com	2 KB
3	dpmsrv.com s.dpmsrv.com a.dpmsrv.com	91 KB
3	cloudflare.com cdnjs.cloudflare.com	168 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	youtube.com www.youtube.com	46 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com assets.ubembed.com	48 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	156 KB
2	ubm-us.net dsimg.ubm-us.net	58 KB
1	rlcdn.com idsync.rlcdn.com	66 B
1	chartbeat.net ping.chartbeat.net	201 B
1	en25.com img.en25.com	3 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	googletagmanager.com www.googletagmanager.com	54 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
98	21

	Domain	Requested by
24	beta.darkreading.com	www.darkreading.com beta.darkreading.com
14	securepubads.g.doubleclick.net	www.darkreading.com securepubads.g.doubleclick.net
11	eu-images.contentstack.com	www.darkreading.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	api.bibblio.org	cdn.bibblio.org
4	www.darkreading.com	beta.darkreading.com static.cloudflareinsights.com
3	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	cdnjs.cloudflare.com	www.darkreading.com cdnjs.cloudflare.com
2	cm.g.doubleclick.net	2 redirects
2	www.google.com	dsimg.ubm-us.net tpc.googlesyndication.com
2	a.dpmsrv.com	www.darkreading.com
2	ib.adnxs.com	2 redirects
2	trk.darkreading.com	1 redirects www.darkreading.com
2	cdn.bibblio.org	www.googletagmanager.com
2	www.youtube.com	www.googletagmanager.com www.youtube.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	dsimg.ubm-us.net	www.darkreading.com
1	a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	idsync.rlcdn.com	www.darkreading.com
1	www.gstatic.com	www.google.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	ping.chartbeat.net	www.darkreading.com
1	assets.ubembed.com	6600d6d98e534115970f9529a45f3195.js.ubembed.com
1	static.hotjar.com	www.darkreading.com
1	s.dpmsrv.com	www.darkreading.com
1	img.en25.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.googletagmanager.com
1	static.chartbeat.com	www.darkreading.com
1	www.googletagmanager.com	www.darkreading.com
1	fonts.gstatic.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
98	35

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2021-06-09` - `2022-06-08`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-06` - `2022-07-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.contentstack.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-03` - `2022-06-04`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.en25.com DigiCert SHA2 Secure Server CA	`2021-09-14` - `2022-09-14`	a year	crt.sh
*.dpmsrv.com Amazon	`2021-05-17` - `2022-06-15`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
cdn.bibblio.org Amazon	`2021-05-22` - `2022-06-20`	a year	crt.sh
assets.ubembed.com Amazon	`2021-03-06` - `2022-04-04`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
trk.darkreading.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-02-19` - `2022-02-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
api.bibblio.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Frame ID: 5F0CE3BBEC99AF46BA01A74ED1A0D8F2
Requests: 91 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 78E1A8B4FFB7B27E21A569E4C2E54ADB
Requests: 1 HTTP requests in this frame

Frame: https://a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8118DCE68C25891F604F32298970ED5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 7A61E2C1D387073001B1A5A73C38FB02
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ADDC73707762281E2BC57B584BBDF2FC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

98
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

35
Subdomains

32
IPs

5
Countries

1812 kB
Transfer

5778 kB
Size

27
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjssWAqcxhdWoUsZfMKxh2Q39F_dbjErQ65Wf45Xw03RDhoPSjwQ4KNzyRVW6zBflR-h0LkxR035L1ajaS5aAXcHpyn-X7GlOjCBH-JelI8jyMNJ8HduAAdk61QGjXO-b0ulF-1d6qqzValsW8DHyMbcfaIuJiFp_BsisoCaboW0GD6KrGpm8qkj8j6fH5Wf9Z0sqlVRfou6cbuhU57KWwtM3ncpOjTH_cwKumRaSgZjSYKrx7HfnvI4vGV-vOJS-s8F65u_Z6xbeNCX3-UFQbdi4vDFJykYu64dsucpO_TfLKR9nBD3xz91wTCZEXiIkWh0kPkBWUyoQF3dMnchfzyeZD1AgNps&sig=Cg0ArKJSzM9lpCF87D-KEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.farsightsecurity.com/solutions/dnsdb/?utm_campaign=Advertisement_2020&utm_source=DarkReading&utm_medium=Banner

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&ref2=elqNone&tzo=0&ms=802&optin=disabled&firstPartyCookieDomain=trk.darkreading.com HTTP 302
https://trk.darkreading.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&ref2=elqNone&tzo=0&ms=802&optin=disabled&elq1pcGUID=DDC5D83AD4A948938EE0FF2473300251

Request Chain 62

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D478656%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%252Fattacks-breaches%252Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&_=1633127984864 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D478656%2526tzOffset%253D0%2526url%253Dhttps%25253A%25252F%25252Fwww.darkreading.com%25252Fattacks-breaches%25252Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms%26_%3D1633127984864 HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?id=5246352413000860545&q=xImp&v=1.x&cl=55&pixelIndex=0&r=478656&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&_=1633127984864

Request Chain 68

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_tc= HTTP 302
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_error=15

98 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms Show response
www.darkreading.com/attacks-breaches/ 270 KB
40 KB 522ms
493ms Document
text/html 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 3070455a521ba6c867d80de2a8eee04ba5888727dfd6d8b05110fcc038373d99

Request headers

:method: GET
:authority: www.darkreading.com
:scheme: https
:path: /attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 01 Oct 2021 22:39:43 GMT
content-type: text/html; charset=utf-8
cf-ray: 697930489fe6974e-FRA
access-control-allow-origin: *
cache-control: s-maxage=30, stale-while-revalidate
vary: Accept-Encoding, Origin
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-powered-by: Next.js
x-proxy-by: https://www.darkreading.com
server: cloudflare
content-encoding: br

GET
H2 200 d1fc54a39b805c8a0e39.css
beta.darkreading.com/_next/static/css/ 368 KB
53 KB 44ms
35ms Stylesheet
text/css 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/css/d1fc54a39b805c8a0e39.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecf61588c25ee18af03e68239e8098d3e617a0700836e67915da2c0377b73a36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 422
etag: W/"61541d15-5bda1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304bd87a974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 webpack-50bee04d1dc61f8adf5b.js Show response
beta.darkreading.com/_next/static/chunks/ 2 KB
924 B 59ms
49ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/webpack-50bee04d1dc61f8adf5b.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Apr 2021 10:51:07 GMT
server: cloudflare
age: 13520273
etag: W/"603-179181a9aa3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-bgj: minify
cf-ray: 6979304be884974e-FRA
expires: Sat, 01 Oct 2022 22:39:44 GMT

GET
H2 200 framework.0c239260661ae1d12aa2.js Show response
beta.darkreading.com/_next/static/chunks/ 128 KB
42 KB 45ms
35ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/framework.0c239260661ae1d12aa2.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 1432
etag: W/"61541d15-20005"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be887974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 a243436ee6e0a72bbf2efebfb901bd45139f6a4e.52fd5ef7a8ab7d8fc0dd.js Show response
beta.darkreading.com/_next/static/chunks/ 6 KB
3 KB 32ms
23ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/a243436ee6e0a72bbf2efebfb901bd45139f6a4e.52fd5ef7a8ab7d8fc0dd.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b32c9c990ccecb65d55fb56d5801ae902db32aebd81812aa11340d1741ca20ab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 940
etag: W/"61541d15-19f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be87f974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 0888ae80cb8f6ae3e88e386997561269b23545e3.e7fb526f75f2f3124044.js Show response
beta.darkreading.com/_next/static/chunks/ 34 KB
12 KB 34ms
25ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/0888ae80cb8f6ae3e88e386997561269b23545e3.e7fb526f75f2f3124044.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d74953fccb7a89083f745776f20bce154999699e5940c5f763af666472a7fb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 5846
etag: W/"61541d15-8977"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be87c974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 main-03a431d14631918ec7df.js Show response
beta.darkreading.com/_next/static/chunks/ 19 KB
7 KB 44ms
35ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/main-03a431d14631918ec7df.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57f5a86125c4429ee24d506b380c5f442822e169d708b7703906b0fad7468404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 5847
etag: W/"61541d15-4abe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be885974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 29107295.f607d0242cf52a473e6a.js Show response
beta.darkreading.com/_next/static/chunks/ 70 KB
25 KB 43ms
34ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/29107295.f607d0242cf52a473e6a.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0455859d4e251ea8ce154794beebdb7737c418d8357d55b828262a8be0f8a86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 5560
etag: W/"61541d15-1182f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be87e974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 75fc9c18.daa6e841d2cb4900e052.js Show response
beta.darkreading.com/_next/static/chunks/ 59 KB
20 KB 44ms
35ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/75fc9c18.daa6e841d2cb4900e052.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99c834f8b8e2b2e06beb8c761c9ff6826078f8f7db13bc011f85ec0cbedae5fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 4771
etag: W/"61541d15-eb6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be886974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 a7c7b4cbf8a70c69a8e5cd6530b1213c263213ee.dfda290f8e180c9d4931.js Show response
beta.darkreading.com/_next/static/chunks/ 529 KB
119 KB 48ms
40ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/a7c7b4cbf8a70c69a8e5cd6530b1213c263213ee.dfda290f8e180c9d4931.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39af455a2b69c42c7d192932c04aae5106bff6194f6d00bb3b23f067455c46d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 2466
etag: W/"61541d15-8452c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-polished: origSize=541996
cf-bgj: minify
cf-ray: 6979304be883974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 7150522dd2feef040e16246c93951219140547d2.ca5eb82f763fbd31c695.js Show response
beta.darkreading.com/_next/static/chunks/ 196 KB
63 KB 48ms
39ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/7150522dd2feef040e16246c93951219140547d2.ca5eb82f763fbd31c695.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0851cbd91b78802d4bf0d65c598081b24567554b2b8af278c510852e44ca6831

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 5847
etag: W/"61541d15-311ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be88c974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 _app-23c36e73128ec4e34151.js Show response
beta.darkreading.com/_next/static/chunks/pages/ 15 KB
6 KB 32ms
24ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/_app-23c36e73128ec4e34151.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74822578ac25d8a2436dce2997b12d4dcf7ae6efee1e5c681aa0c17a5edb47d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 422
etag: W/"61541d15-3cac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be881974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 2de38ae9d9a252987fb25929d5906fe616d142a1.664663ada0ff8ea71273.js Show response
beta.darkreading.com/_next/static/chunks/ 77 KB
22 KB 52ms
44ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/2de38ae9d9a252987fb25929d5906fe616d142a1.664663ada0ff8ea71273.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6474fd642f8fe734719116a57ed22f08e2c5010c871236495c8383f5c8086f38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 1433
etag: W/"61541d15-133f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be88b974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 286b25130858f2510ef0b94a0e7d524a245baf28.07181371776eb2cb77e0.js Show response
beta.darkreading.com/_next/static/chunks/ 21 KB
7 KB 35ms
27ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/286b25130858f2510ef0b94a0e7d524a245baf28.07181371776eb2cb77e0.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a56dc4627d4adbf44ec845d08aed2859b459b19f76157c05df5532f2c650e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 5559
etag: W/"61541d15-556c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be882974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 1aa4fccfc0a9a1798e4f36db5eb709b29904984b.11170d1f688b723efde3.js Show response
beta.darkreading.com/_next/static/chunks/ 160 KB
45 KB 37ms
29ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/1aa4fccfc0a9a1798e4f36db5eb709b29904984b.11170d1f688b723efde3.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 709d361139196c013b33cae8b090ae17656126dbe00bf1baee164abb2186dc3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 4770
etag: W/"61541d15-28036"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be87b974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 5431ce6417fd7a6c8c04ed93d5e2533102344d2c.f2fecf0cbb2bb979df0f.js Show response
beta.darkreading.com/_next/static/chunks/ 48 KB
11 KB 32ms
24ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/5431ce6417fd7a6c8c04ed93d5e2533102344d2c.f2fecf0cbb2bb979df0f.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c34c55b13bbb4b84c3d72e83a224c5f80197161356b4f11f957782a71b97e28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:43 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 1432
etag: W/"61541d15-c004"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be87d974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 49437bdb1112dc30b54d2e54bd767365ba8cb15b.f3c2cf851300e2f49c05.js Show response
beta.darkreading.com/_next/static/chunks/ 72 KB
14 KB 42ms
35ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/49437bdb1112dc30b54d2e54bd767365ba8cb15b.f3c2cf851300e2f49c05.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84e6038a0998977dd537acd25f8a8ea7c6b8496dd0c0478927862eae445cf9a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 1433
etag: W/"61541d15-12059"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be888974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 919d62d8adfe5e1b9a5d01a2dff05df8776faee2.4965578d65df10260463.js Show response
beta.darkreading.com/_next/static/chunks/ 131 KB
38 KB 40ms
33ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/919d62d8adfe5e1b9a5d01a2dff05df8776faee2.4965578d65df10260463.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea1cd29d37abe22b21d86319fe5a6329859bece19d2aba6125e789c46c812e72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 734
etag: W/"61541d15-20a99"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be889974e-FRA
expires: Sat, 02 Oct 2021 00:39:43 GMT

GET
H2 200 %5BhybidPage%5D-242a56423e1d70fbcb6d.js Show response
beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/ 163 KB
50 KB 43ms
36ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/chunks/pages/%5Bcategory%5D/%5BhybidPage%5D-242a56423e1d70fbcb6d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b70bc18487e03935960a024a87f3c4a982d3eec9b3d25062d3460379f1ac5e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
age: 6899
etag: W/"61541d15-28d91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304be88a974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 ubm-widget-style.css
dsimg.ubm-us.net/ubm-widget/css/ 29 KB
6 KB 57ms
17ms Stylesheet
text/css 104.21.66.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsimg.ubm-us.net/ubm-widget/css/ubm-widget-style.css
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6414656f939f73a463499bd2c5a8f75793658adf6e05d0e4cd61d1ba36636b94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5337
cf-polished: origSize=29587
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 11 Apr 2018 16:31:21 GMT
server: cloudflare
etag: W/"7393-569952b4c0840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NinCMFovge9OuVWVoh4b97s%2BOCudUnqHMYPk9ZMp2kSemzqDSV0wcKju3CCZLxvb6wigHKwU5%2BP6KDThtoot7dUzHL6R4L6AWsSX5KjSpX6IClumCIcRw%2FNA5YrW54Z2txo"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 6979304c1dd7411f-PRG
cf-bgj: minify

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/ 58 KB
11 KB 40ms
24ms Stylesheet
text/css 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3123493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:05 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7431-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2FtBCoD0WfwS7rZdPYU%2B79QwmXkIMc4UWdjuACbHTEXOU%2FYIwM9fQcKsv9ftUd6Wsg%2FsKHDVmgw9AodU7WKGFIgS8tIOTTXb1B8KIJ97wNoqbaPPLf7%2Fhw7MNTspNiWwkMcOhmQR"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6979304be8e0dfe3-FRA
expires: Wed, 21 Sep 2022 22:39:44 GMT

GET
H2 200 ubm-widget-min.js Show response
dsimg.ubm-us.net/ubm-widget/js/ 192 KB
53 KB 59ms
20ms Script
application/javascript 104.21.66.12
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dsimg.ubm-us.net/ubm-widget/js/ubm-widget-min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.66.12 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffcaeef328a1e67717f714997426aaf936e4b9d378a5fbe1bd2a063dfeb50750

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 11 Apr 2018 17:29:33 GMT
server: cloudflare
age: 5337
etag: W/"2fe99-56995fb6fbbe3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xnYItb%2FoZl1xUnAPjQt4hhZ8thwkkL9kbUotx9ZbBim9DExVizaDUsfHefY%2BVc0c8gVnWzyGL%2BoP0atnaiWt%2B4JqaKJJcW577s8INC07JSkuWMBpl0Bvclg3DDTrIgMq24EE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6979304c1dd8411f-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
26 KB 39ms
17ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

eb1e150667a1699d56e4993594a25afc18e44453d8a1db11e1204c25eec745c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1003 / 990 of 1000 / last-modified: 1633125993"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25717
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Oct 2021 22:39:44 GMT

GET
H2 200 prebid-ads.js Show response
beta.darkreading.com/js/ 24 B
132 B 421ms
415ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/js/prebid-ads.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 07:58:41 GMT
server: cloudflare
etag: W/"18-17c30901368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=7200
cf-ray: 6979304be880974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 iribbon-logo.png
beta.darkreading.com/images/ 1 KB
1 KB 376ms
376ms Image
image/png 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/images/iribbon-logo.png
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820baf6a25ee06590a1875ea3ff1aca61f8270946692845eea0643249ae62778

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 07:58:41 GMT
server: cloudflare
etag: W/"498-17c30901368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6979304c489f974e-FRA
content-length: 1176
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 TheEdge-Logo_Black.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf97d890888c48937/61557c919aad297e10086e88/ 5 KB
6 KB 40ms
6ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltf97d890888c48937/61557c919aad297e10086e88/TheEdge-Logo_Black.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ed7e9d8f6ba6c9ba5270b06f126116f4191b87d0b7de5e012c15c761d74b2c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 135583
x-cache: HIT, HIT
fastly-io-info: ifsz=7298 idim=536x96 ifmt=png ofsz=5486 odim=536x96 ofmt=png
content-disposition: inline; filename=TheEdge-Logo_Black.png
fastly-stats: io=1
content-length: 5486
x-request-id: 19946
x-served-by: cache-ams21059-AMS, cache-hhn4044-HHN
x-runtime: 70ms
x-timer: S1633127984.431625,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "6d0oSj0wOrX+WCf2HONZWyxQD8BJqZkO43l7h4o3nzc"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 DR_Technology_Logo_Black.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt13a7bb63bbc84ea1/615573a9486c9a5b53694fea/ 5 KB
5 KB 33ms
8ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt13a7bb63bbc84ea1/615573a9486c9a5b53694fea/DR_Technology_Logo_Black.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

eb9f8497b8a8171e4a45e3040f8e023f98b4a36a6ef23fb1e14e0cf2d0a7111f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 137863
x-cache: HIT, HIT
fastly-io-info: ifsz=7233 idim=601x159 ifmt=png ofsz=5214 odim=601x159 ofmt=png
content-disposition: inline; filename=DR_Technology_Logo_Black.png
fastly-stats: io=1
content-length: 5214
x-request-id: 61861
x-served-by: cache-ams12738-AMS, cache-hhn4044-HHN
x-runtime: 55ms
x-timer: S1633127984.431714,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "fENcFVyTh0DtMXpQK+Z30/OfpAJIq4/NHjck8YM8x+0"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3, 1

GET
H2 200 bh_logo_black_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt365fc6c2647d15e5/60b1e96052bd6156414f3422/ 2 KB
2 KB 33ms
7ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt365fc6c2647d15e5/60b1e96052bd6156414f3422/bh_logo_black_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

425a7a245152de6efd4fba9eb8e5fd6039fdbceb14bd136e81dc4e378a25f5b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 1353344
x-cache: HIT, HIT
fastly-io-info: ifsz=2007 idim=174x50 ifmt=png ofsz=1797 odim=174x50 ofmt=png
content-disposition: inline; filename=bh_logo_black_1.png
fastly-stats: io=1
content-length: 1797
x-request-id: 39890
x-served-by: cache-ams21081-AMS, cache-hhn4044-HHN
x-runtime: 47ms
x-timer: S1633127984.431803,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "4l4Erkn9hn03lvevaxet4naMOtzFtaH5y0sDkz5v25M"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 OMDIA_LOGO_BLACK_2_with_extra_height.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt5e638427fb7992eb/60b9b81d1ffed8575f140e47/ 4 KB
5 KB 34ms
9ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt5e638427fb7992eb/60b9b81d1ffed8575f140e47/OMDIA_LOGO_BLACK_2_with_extra_height.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e6662249db09c83d3c8d1a580d1ab3f222044c2f4fc90f63c4fa866f920b1695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 1353345
x-cache: HIT, HIT
fastly-io-info: ifsz=4428 idim=167x68 ifmt=png ofsz=4428 odim=167x68 ofmt=png
content-disposition: inline; filename=OMDIA_LOGO_BLACK_2_with_extra_height.png
fastly-stats: io=1
content-length: 4428
fastly-io-warning: Failed to shrink image
x-served-by: cache-ams12749-AMS, cache-hhn4044-HHN
x-runtime: 45ms
x-request-id: 66999
x-timer: S1633127984.431865,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "EUDSBl5Z8f1pAQ4YNBgtj8bHBoIQXQ0CjZXMYJ1PBwM"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 IWK-Color_heigh_adjusted.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt621a6404bafa0c4d/60b1e8c8d64f195504537b9a/ 4 KB
4 KB 35ms
10ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt621a6404bafa0c4d/60b1e8c8d64f195504537b9a/IWK-Color_heigh_adjusted.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1ac337f755cdf3c5a9024c9e661ee1906f85a87dd0799419658d244631f9194c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 767542
x-cache: HIT, HIT
fastly-io-info: ifsz=3958 idim=150x32 ifmt=png ofsz=3958 odim=150x32 ofmt=png
content-disposition: inline; filename=IWK-Color_heigh_adjusted.png
fastly-stats: io=1
content-length: 3958
fastly-io-warning: Failed to shrink image
x-served-by: cache-ams21036-AMS, cache-hhn4044-HHN
x-runtime: 81ms
x-request-id: 37868
x-timer: S1633127984.431943,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "+5RpAO/mkKLSeBrVeG2DJercjQZsRIGvwHOEY8jZYEc"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Whitelogo_1.png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/ 8 KB
8 KB 34ms
9ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3edeb23396a4b5dc/60b1ea7a9afdef577986633e/Whitelogo_1.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c947fb257287976cf7cd15cd2a488c1cc4093a5c5ff2a40a56ba9a7c9e07c08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 1353345
x-cache: HIT, HIT
fastly-io-info: ifsz=7774 idim=336x84 ifmt=png ofsz=7760 odim=336x84 ofmt=png
content-disposition: inline; filename=Whitelogo_1.png
fastly-stats: io=1
content-length: 7760
x-request-id: 19800
x-served-by: cache-ams12735-AMS, cache-hhn4044-HHN
x-runtime: 45ms
x-timer: S1633127984.431998,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "9lnNwdU3SaksRme/Az7CUYHUn98eOJQreS0ZWDc0+sA"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 _buildManifest.js Show response
beta.darkreading.com/_next/static/b930654511113f0b6b3c5d9d0e83f49c4f884827/ 2 KB
1 KB 374ms
374ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/b930654511113f0b6b3c5d9d0e83f49c4f884827/_buildManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2983429e4fac7e741631230b47b0b992c1c429503d276d79e894220b6962fc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
server: cloudflare
etag: W/"61541d15-97c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-polished: origSize=2428
cf-bgj: minify
cf-ray: 6979304e8908974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 _ssgManifest.js Show response
beta.darkreading.com/_next/static/b930654511113f0b6b3c5d9d0e83f49c4f884827/ 198 B
231 B 378ms
378ms Script
application/javascript 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beta.darkreading.com/_next/static/b930654511113f0b6b3c5d9d0e83f49c4f884827/_ssgManifest.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdb4392404ba3b9a4057e5ade4007e7b1c24aabf959320da364c0a1cb08565cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 29 Sep 2021 08:00:35 GMT
server: cloudflare
etag: W/"61541d23-c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200
cf-bgj: minify
cf-ray: 6979304e8909974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H2 200 beacon.min.js Show response
static.cloudflareinsights.com/ 13 KB
5 KB 56ms
32ms Script
text/javascript 104.16.95.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.95.65 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: gzip
last-modified: Wed, 22 Sep 2021 16:39:17 GMT
server: cloudflare
etag: W/2021.9.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6979304ebaf14ebc-FRA

GET
H2 200 pubads_impl_2021092001.js Show response
securepubads.g.doubleclick.net/gpt/ 336 KB
118 KB 17ms
16ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

sffe /

Resource Hash

1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120245
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 08:37:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 01 Oct 2021 22:39:44 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 78 KB
79 KB 27ms
17ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://www.darkreading.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 191078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80252
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-1397c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hn7sivLumDBusNRX3ldfolVtkIfG0IzeaACGx2TvCQGUnV25McMTlb0QSqNzzlO9r3YjKPU%2FJBbn2nDHe77Xu6BS5Gn0r3gImV9j3NyzBQ7E6JWI4h8lwSbxks6unLgKSjGUDrZD"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6979304eadba2bc2-FRA
expires: Wed, 21 Sep 2022 22:39:44 GMT

GET
H2 200 4UaOrEtFpBISc36j2jDu5w.woff2
fonts.gstatic.com/s/exo/v12/ 20 KB
20 KB 33ms
7ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/exo/v12/4UaOrEtFpBISc36j2jDu5w.woff2

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3a418f7ec3567130ba266bedd69716a557c2700073c6bd7eb38763f320218ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 25 Sep 2021 12:40:24 GMT
x-content-type-options: nosniff
age: 554360
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20220
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 21:09:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Sep 2022 12:40:24 GMT

GET
H2 200 pdf.efec47dadbf7da17b090bbdb7ada07ba.png
beta.darkreading.com/_next/static/media/ 8 KB
8 KB 26ms
26ms Image
image/png 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/_next/static/media/pdf.efec47dadbf7da17b090bbdb7ada07ba.png
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/css/d1fc54a39b805c8a0e39.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beta.darkreading.com/_next/static/css/d1fc54a39b805c8a0e39.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
cf-cache-status: HIT
age: 6876
cf-polished: origSize=11781
last-modified: Wed, 29 Sep 2021 08:00:21 GMT
content-length: 8484
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "61541d15-2e05"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=7200
accept-ranges: bytes
cf-ray: 6979304eb90e974e-FRA
expires: Sat, 02 Oct 2021 00:39:44 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/ 77 KB
77 KB 23ms
22ms Font
application/octet-stream 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.2/css/all.min.css
Origin: https://www.darkreading.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1380824
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78472
timing-allow-origin: *
last-modified: Wed, 13 Jan 2021 22:29:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5fff7432-13288"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9DhDdn9hYX%2B4kHSBja%2BO5mst3aWH9IJD0pOERosNJ%2BiSvdVhO2%2Bq2zcC06q9JIbjgG9Uf9307k65DoI%2BDTYNh9nRuVLK%2BFTUfGtHDInu%2F%2Bc31PN0Ho1oK2fjdJeQoOUFjsKMqGh2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6979304ecdd82bc2-FRA
expires: Wed, 21 Sep 2022 22:39:44 GMT

GET
H2 200 csrf Show response
www.darkreading.com/api/auth/ 80 B
330 B 443ms
443ms Fetch
application/json 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/csrf
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/chunks/a7c7b4cbf8a70c69a8e5cd6530b1213c263213ee.dfda290f8e180c9d4931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 007a67c914d85cc1a87bbd631a0f561ef6d77adde9321aa5df53d16b3a5d1e7f

Request headers

:path: /api/auth/csrf
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.darkreading.com
referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray: 6979304fa93e974e-FRA
date: Fri, 01 Oct 2021 22:39:45 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"50-tJE+FMiuzJDQHCDm/EHT9AzSqYo"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
set-cookie: __Host-next-auth.csrf-token=a69e3528261daff7bb5ccc919e8f32331fb41cfe7a635e34f93914870abf7e48%7C146ca5c17fb7fcd5bfe9e96561fbb13d1912dd3fe1f5c354c36ead6f6e36e09f; Path=/; HttpOnly; Secure; SameSite=Lax __Secure-next-auth.callback-url=https%3A%2F%2Fwww.darkreading.com; Domain=.darkreading.com; Path=/; Secure; SameSite=Lax
content-encoding: br

GET
H2 200 session Show response
www.darkreading.com/api/auth/ 2 B
400 B 379ms
379ms Fetch
application/json 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.darkreading.com/api/auth/session
Requested by: Host: beta.darkreading.com
URL: https://beta.darkreading.com/_next/static/chunks/a7c7b4cbf8a70c69a8e5cd6530b1213c263213ee.dfda290f8e180c9d4931.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

:path: /api/auth/session
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.darkreading.com
referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
x-proxy-by: https://www.darkreading.com
cf-cache-status: DYNAMIC
server: cloudflare
etag: "2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: *
set-cookie: __Host-next-auth.csrf-token=e9d24cef18143ee074846696ed31eacb21a51126ec1210ea6ab2d0d802a02ffd%7Cf6783c2f3788b11ab9c470f5907e461ea2402a40b806056bac1c76066ef7b623; Path=/; HttpOnly; Secure; SameSite=Lax __Secure-next-auth.callback-url=https%3A%2F%2Fwww.darkreading.com; Domain=.darkreading.com; Path=/; Secure; SameSite=Lax
cf-ray: 6979304fa940974e-FRA
content-length: 2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 160 KB
54 KB 67ms
32ms Script
application/javascript 142.250.185.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6666112eaba97ed82bf1a45990a9f83ec64a04c28ed37a4ac1b2ad1fed5284d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54901
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Oct 2021 22:39:44 GMT

GET
H2 200 DR_Logo_White_1_(1).png
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3213c3a1556a766c/60e5cf488b5719241d6bbd8c/ 6 KB
6 KB 8ms
6ms Image
image/png 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt3213c3a1556a766c/60e5cf488b5719241d6bbd8c/DR_Logo_White_1_(1).png?width=151

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fb71b7b8e777bfc8097ae85fa67cab4288b7a0a2e32a1db784430dcb449e22c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 1353344
x-cache: HIT, HIT
fastly-io-info: ifsz=14566 idim=616x96 ifmt=png ofsz=6004 odim=151x24 ofmt=png
content-disposition: inline; filename=DR_Logo_White_1_(1).png
fastly-stats: io=1
content-length: 6004
x-request-id: 20207
x-served-by: cache-ams21047-AMS, cache-hhn4044-HHN
x-runtime: 46ms
x-timer: S1633127985.617466,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "9TxeRbR2SbRuNviXBO3kBBIvNvOYBQLRM5/fonh1N4g"
strict-transport-security: max-age=31557600
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 letsencryptlogo.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt2920f1787824c8d9/61575a1f486c9a5b53695379/ 4 KB
4 KB 9ms
7ms Image
image/jpeg 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt2920f1787824c8d9/61575a1f486c9a5b53695379/letsencryptlogo.jpg?width=75&height=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c6a030cc406c47ff5e25872343a509abcc0c2f024257d564d3d08c72197ed85a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 13329
x-cache: HIT, HIT
fastly-io-info: ifsz=8881 idim=400x400 ifmt=jpeg ofsz=4335 odim=75x75 ofmt=jpeg
content-disposition: inline; filename=letsencryptlogo.jpg
fastly-stats: io=1
content-length: 4335
x-request-id: 74994
x-served-by: cache-ams21066-AMS, cache-hhn4044-HHN
x-runtime: 55ms
x-timer: S1633127985.617629,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "EbhkN2jOCp+VxHgzgBTjjYXGeas0zcl6OnLY4B9tdT8"
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 lurking.jpeg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltd122bca7dd324799/6155956e65b0f65a0af35c2e/ 5 KB
6 KB 8ms
7ms Image
image/jpeg 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/bltd122bca7dd324799/6155956e65b0f65a0af35c2e/lurking.jpeg?width=75&height=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

383e38db3434b71548c19d9a8e9b1dee58cd4f03e7a5f531acb779d8ff034a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 129218
x-cache: HIT, HIT
fastly-io-info: ifsz=1941705 idim=4423x3542 ifmt=jpeg ofsz=5281 odim=75x75 ofmt=jpeg
content-disposition: inline; filename=lurking.jpeg
fastly-stats: io=1
content-length: 5281
x-request-id: 70345
x-served-by: cache-ams21041-AMS, cache-hhn4044-HHN
x-runtime: 55ms
x-timer: S1633127985.617680,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "FDbaz2PuxV168f6gSg32j2eMEwdYwkh3qWijwslbwa8"
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 DigitalFingerprint.jpeg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt977be6899e16e660/61571c18bc00fe7cca71869e/ 8 KB
8 KB 8ms
7ms Image
image/jpeg 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt977be6899e16e660/61571c18bc00fe7cca71869e/DigitalFingerprint.jpeg?width=75&height=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9ff030a206ff192cf44fcc228d73f5774ae3802e24182f3000dfba1b97fe53a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 29208
x-cache: HIT, HIT
fastly-io-info: ifsz=258065 idim=996x601 ifmt=jpeg ofsz=8048 odim=75x75 ofmt=jpeg
content-disposition: inline; filename=DigitalFingerprint.jpeg
fastly-stats: io=1
content-length: 8048
x-request-id: 86824
x-served-by: cache-ams21081-AMS, cache-hhn4044-HHN
x-runtime: 57ms
x-timer: S1633127985.617737,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "34MWX+0PZb9f1++gR4ZLi0xQvA7K6DXDM+NfqeKh7WU"
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 1

GET
H2 200 email-security-PE2T6H.jpg
eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt355842bb36d92d65/6156f4afbc00fe7cca71862e/ 8 KB
8 KB 8ms
7ms Image
image/jpeg 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt66983808af36a8ef/blt355842bb36d92d65/6156f4afbc00fe7cca71862e/email-security-PE2T6H.jpg?width=75&height=75

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.66.217 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

963c7ae00970b79820e2ae3643a79e3cb42b790e9442ad1e6b2dcfaa650b73ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
via: 1.1 varnish, 1.1 varnish
age: 39297
x-cache: HIT, HIT
fastly-io-info: ifsz=79112 idim=646x431 ifmt=jpeg ofsz=7872 odim=75x75 ofmt=jpeg
content-disposition: inline; filename=email-security-PE2T6H.jpg
fastly-stats: io=1
content-length: 7872
x-request-id: 71276
x-served-by: cache-ams12771-AMS, cache-hhn4044-HHN
x-runtime: 65ms
x-timer: S1633127985.617769,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "JU7XoWCYRyrKVkOdGRNGuOmh8Ta4MHIqR5LT/WCGo0s"
strict-transport-security: max-age=31557600
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 cookie-close.svg
beta.darkreading.com/icons/ 667 B
427 B 491ms
490ms Image
image/svg+xml 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beta.darkreading.com/icons/cookie-close.svg
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5a1598944cdacee0760775794bff19417c31947033f3b013af8b6ceac45875c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 29 Sep 2021 07:58:41 GMT
server: cloudflare
etag: W/"29b-17c30901368"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=7200
cf-ray: 6979304fd948974e-FRA
expires: Sat, 02 Oct 2021 00:39:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 51ms
13ms Script
text/javascript 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6767
date: Fri, 01 Oct 2021 20:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 01 Oct 2021 22:46:57 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 45ms
8ms Script
application/x-javascript 13.224.190.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.190.164 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-190-164.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 21:14:35 GMT
content-encoding: gzip
age: 5109
x-edge-origin-shield-skipped: 0
cross-origin-resource-policy: cross-origin
x-cache: Hit from cloudfront
last-modified: Fri, 09 Jul 2021 00:11:37 GMT
server: nginx
etag: W/"60e79439-8e96"
vary: Accept-Encoding
content-type: application/x-javascript
via: 1.1 c3b74c81fdcb7942211a6c721efa13fd.cloudfront.net (CloudFront)
cache-control: max-age=7200
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Iod_o7NtieKr7lKfhYFJeYOCGH2Z_OHYNavEy1JhwkKIm_JWUKOhdg==
expires: Fri, 01 Oct 2021 23:14:35 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 480 B
643 B 38ms
6ms Script
application/json 151.101.1.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1904a6f1681862cacc777e086a1ae5464a8c78c3110bf1e845a6cac49f841b48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 1648
etag: aaab40e12ca91eabbcb0f8f10bd5715a-v0.179.1
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-P3
accept-ranges: none
x-amz-apigw-id: GjImJELTDoEF2Iw=

GET
H/1.1 200
OK elqCfg.min.js Show response
img.en25.com/i/ 6 KB
3 KB 44ms
12ms Script
application/x-javascript 104.111.229.66
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://img.en25.com/i/elqCfg.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.229.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-229-66.deploy.static.akamaitechnologies.com

Software

Resource Hash

3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Connection: keep-alive
Content-Length: 2183
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Last-Modified: Tue, 17 Aug 2021 17:49:31 GMT
Date: Fri, 01 Oct 2021 22:39:44 GMT
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: no-store
ETag: "fac3963b9093d71:0"
Accept-Ranges: bytes
X-Robots-Tag: noindex, nofollow
Expires: Fri, 01 Oct 2021 22:39:44 GMT

GET
H/1.1 200
OK dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js Show response
s.dpmsrv.com/ 822 KB
89 KB 52ms
9ms Script
application/x-javascript 13.224.193.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dpmsrv.com/dpm_8effee409c625e1a2d8f5033631840e6ce1dcb64.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 60973c564293b265321d9d256011c7ec10c973d7fb30c737c3e83db719391aa5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Fri, 01 Oct 2021 00:28:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Sep 2021 15:20:15 GMT
Server: AmazonS3
Age: 147809
ETag: "69d263060ea11790d9fe07e387bcad88"
X-Edge-Origin-Shield-Skipped: 0
Content-Type: application/x-javascript
Via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront)
Connection: keep-alive
X-Cache: Hit from cloudfront
X-Amz-Cf-Pop: FRA2-C1
Accept-Ranges: bytes
Content-Length: 90682
X-Amz-Cf-Id: 2mdFBlvtS4-xsCpt1f5Y5APVTHsIiEuljNtEYnt-uZ3VjV1JrK6MJg==

GET
H2 200 iframe_api Show response
www.youtube.com/ 980 B
2 KB 45ms
22ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

ESF /

Resource Hash

a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Fri, 01 Oct 2021 22:39:44 GMT

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 4 KB
2 KB 91ms
38ms Script
application/javascript 13.225.87.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.87.62 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-87-62.fra2.r.cloudfront.net

Software

Resource Hash

c25e928cc859315643fd8a46eadb1bbcaad8669c0a9c8ecc66b372738a8a58ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:44 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-edge-origin-shield-skipped: 0
etag: W/97bf085b49eb41669860fd901b39ddca
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
x-amz-cf-pop: FRA2-C2
content-length: 1892
via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
x-amz-cf-id: n89QuKkcGl_u3vNlhFjW7DPluOGnDy0iS59ocfs5WBIoDt8y3LxuHQ==

GET
H2 200 bib-related-content.min.css
cdn.bibblio.org/rcm/4.25/ 27 KB
4 KB 37ms
7ms Stylesheet
text/css 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bibblio.org/rcm/4.25/bib-related-content.min.css
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9980be9d70ed95faba94cd96d8b823f15513d20301811146fd675dd6d286e7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 12:14:43 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 19:49:07 GMT
server: AmazonS3
age: 37502
etag: W/"4525478a38ca00b0df41d6c9776a35c9"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/css
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: ewTQZDsAxH5axzBcmN_SHKDJS7b2njz2v7wYjF-F1VPU6FX9c0j1Gg==

GET
H2 200 bib-related-content.min.js Show response
cdn.bibblio.org/rcm/4.25/ 68 KB
16 KB 38ms
7ms Script
application/javascript 13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bibblio.org/rcm/4.25/bib-related-content.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T52Z3Z3&gtm_auth=&gtm_preview=&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0a0299efd966640f660d57e32381de95ce135bb55acf18cd672ff8a2c402b8a1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 12:14:43 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 19:49:08 GMT
server: AmazonS3
age: 37502
etag: W/"4c569d190954266b2f6d5a6ba11e4500"
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: application/javascript
via: 1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: LUBfdepdDpHTPIa8i2OR7p_IsrRD9K-5Y223ONHC1SzMAa9rDv9F4A==

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.1/ 173 KB
47 KB 34ms
7ms Script
application/javascript 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by: Host: 6600d6d98e534115970f9529a45f3195.js.ubembed.com
URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 03 Aug 2021 16:54:54 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 19:19:04 GMT
server: AmazonS3
age: 5118291
etag: W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 14y657TF9FFvGFe5Sb7KOvE45N678PC1K02IOl4vswkxSEOnuhTTWw==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 301ms
98ms Image
image/gif 52.45.61.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&u=Du8_F9BjzrYBBAGDCn&d=darkreading.com&g=53678&g0=attacks-breaches&g1=No%20Author&g4=article&n=1&f=00001&c=0&x=0&m=0&y=3030&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1368&t=C0E_7KDE1PR8ByY2o-CrhDs2CX-t3V&V=128&i=BloodyStealer%3A%20Advanced%20New%20Trojan%20Targets%20Accounts%20of%20Popular%20Online%20Gaming%20Platforms&tz=0&sn=1&sv=DPc-0fEDvpRD0v3MwBNNv2gc3Dzo&sd=1&im=067b2fff&_
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.61.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-61-27.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:39:45 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

200
OK

svrGP.aspx
trk.darkreading.com/visitor/v200/
Redirect Chain

https://trk.darkreading.com/visitor/v200/svrGP?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gami...
https://trk.darkreading.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online...

49 B
504 B

490ms
490ms

Image
image/gif

142.0.173.134
NETDYNAMICS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://trk.darkreading.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&ref2=elqNone&tzo=0&ms=802&optin=disabled&elq1pcGUID=DDC5D83AD4A948938EE0FF2473300251

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

142.0.173.134 , United States, ASN7160 (NETDYNAMICS, US),

Reverse DNS

Software

Resource Hash

f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 22:39:45 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 49
X-Xss-Protection: 1; mode=block
Expires: -1

Redirect headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 22:39:45 GMT
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
P3P: CP="IDC DSP COR DEVa TAIa OUR BUS PHY ONL UNI COM NAV CNT STA",
Location: https://trk.darkreading.com/visitor/v200/svrGP.aspx?pps=3&siteid=2150&ref=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&ref2=elqNone&tzo=0&ms=802&optin=disabled&elq1pcGUID=DDC5D83AD4A948938EE0FF2473300251
Cache-Control: no-store
X-Robots-Tag: noindex, nofollow
Content-Length: 444
X-Xss-Protection: 1; mode=block
Expires: -1

GET
H2 200 modules.e95f6e2deb67f1b24d8e.js Show response
script.hotjar.com/ 221 KB
59 KB 53ms
8ms Script
application/javascript 13.224.193.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-122.fra2.r.cloudfront.net

Software

Resource Hash

3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 08:27:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 310359
x-amz-server-side-encryption: AES256
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
content-length: 59787
access-control-allow-origin: *
last-modified: Tue, 28 Sep 2021 08:26:22 GMT
etag: "4c2c45df8457d0c2a07b3285a23cd7a4"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 cb33a7a4640adbb55df3e0d143601559.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: Ul-Y42kQgFvgjd0AvXP8HjXIPicHYZx4HlvFiyzPuwnE4Rd73SeRPw==

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/ 136 KB
44 KB 23ms
8ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

sffe /

Resource Hash

29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 18:55:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45039
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Oct 2022 18:55:25 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 142.250.185.238
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=248831093&t=pageview&_s=1&dl=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&dp=%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&ul=en-us&de=UTF-8&dt=BloodyStealer%3A%20Advanced%20New%20Trojan%20Targets%20Accounts%20of%20Popular%20Online%20Gaming%20Platforms&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1656464968&gjid=173583052&cid=1886204567.1633127985&tid=UA-135180592-2&_gid=1143257217.1633127985&_r=1&gtm=2wg9r0T52Z3Z3&cg1=article&cg2=Products%20%26%20Releases&cd1=article&cd2=&cd3=&cd4=Products%20%26%20Releases&cd5=Sep%2027%2C%202021&cd6=attacks-breaches&cd16=blt54ccda7beabeb2f6&cd17=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&cd18=3834%2Fdarkreading.home%2Farticle%2Fattacks-breaches&cd20=vanguard%20-%2058&z=1336372465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.238 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:39:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://ib.adnxs.com/getuid?https://a.dpmsrv.com/dpmpxl/index.php?id=$UID&q%3DxImp%26v%3D1.x%26cl%3D55%26pixelIndex%3D0%26r%3D478656%26tzOffset%3D0%26url%3Dhttps%253A%252F%252Fwww.darkreading.com%2...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D55%2526pixelIndex%253D0%2526r%253D478656%2526tzOffset%253...
https://a.dpmsrv.com/dpmpxl/index.php?id=5246352413000860545&q=xImp&v=1.x&cl=55&pixelIndex=0&r=478656&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-ne...

249 B
999 B

408ms
99ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?id=5246352413000860545&q=xImp&v=1.x&cl=55&pixelIndex=0&r=478656&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&_=1633127984864
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-4-25.compute-1.amazonaws.com
Software: /
Resource Hash: 89d5b098073548b72a4174a44dbe90a7045e33a04ea9f12aeee6a54c8ec69424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
content-encoding: gzip
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 220
Expires: 0

Redirect headers

Pragma: no-cache
Date: Fri, 01 Oct 2021 22:39:44 GMT
X-Proxy-Origin: 216.131.114.163; 216.131.114.163; 400.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 7f570c41-4573-4b7a-a3d7-4a41bd11902d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://a.dpmsrv.com/dpmpxl/index.php?id=5246352413000860545&q=xImp&v=1.x&cl=55&pixelIndex=0&r=478656&tzOffset=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&_=1633127984864
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
463 B 45ms
14ms XHR
text/plain 74.125.140.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-135180592-2&cid=1886204567.1633127985&jid=1656464968&gjid=173583052&_gid=1143257217.1633127985&_u=YEBAAEAAAAAAAC~&z=1538042982

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f154.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 01 Oct 2021 22:39:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 78E1 2 KB
1 KB 36ms
7ms Document
text/html 13.224.193.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2610568.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-116.fra2.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkreading.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6df.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: L-KmG3QMa5wTsGZj1JXNKisvI69ufFLk-wrJ3PLLpasIWYVOwDU5-A==
age: 6341679

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/2610568/ 146 B
323 B 103ms
35ms XHR
application/json 99.81.27.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/2610568/visit-data?sv=6
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.27.250 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-27-250.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36

Request headers

Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 905 B
1010 B 59ms
25ms Script
text/javascript 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=rcCallback&render=explicit

Requested by

Host: dsimg.ubm-us.net
URL: https://dsimg.ubm-us.net/ubm-widget/js/ubm-widget-min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

01907584ca78ff570ed5e3cd3f309360b9b3909ab11b437070d1d4ab31d8620b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 1; mode=block
expires: Fri, 01 Oct 2021 22:39:45 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/ 346 KB
136 KB 29ms
7ms Script
text/javascript 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/-TriQeni1Ls-Mdq_ssN2cUL5/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=rcCallback&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 17:57:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138353
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 04:02:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="recaptcha"
expires: Sat, 01 Oct 2022 17:57:00 GMT

GET
H/1.1

200
OK

index.php Show response
a.dpmsrv.com/dpmpxl/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865
https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_tc=
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_error=15

0
598 B

98ms
98ms

Script
text/javascript

3.224.4.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_error=15
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.224.4.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-224-4-25.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Access-Control-Max-Age: 10
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/javascript
Access-Control-Allow-Headers: content-type, accept
Content-Length: 0
Expires: 0

Redirect headers

pragma: no-cache
date: Fri, 01 Oct 2021 22:39:45 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=5246352413000860545&pixelIndex=0&_=1633127984865&google_error=15
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 451 423396.gif
idsync.rlcdn.com/ 0
66 B 39ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/423396.gif?partner_uid=5246352413000860545
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 58ms
22ms Script
application/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.darkreading.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
3 KB 46ms
46ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985783&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=307046208&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3054&msz=0x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e63c4547c5db62988c9647e7f18ec298b5a9dd94a841285b7118a75b8c8f6eec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3215
x-xss-protection: 0
google-lineitem-id: 5742864868
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351212023
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8118 0
0 52ms
15ms Document
text/html 142.250.185.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f1.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkreading.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 01 Oct 2021 22:39:45 GMT
expires: Sat, 01 Oct 2022 22:39:45 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 200 /
api.bibblio.org/v1/content-item-url-ingestions/ Frame 0
0 126ms
85ms Preflight
application/json 13.224.193.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bibblio.org/v1/content-item-url-ingestions/

Protocol

Server

13.224.193.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-64.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 01 Oct 2021 22:39:45 GMT
x-amzn-requestid: c8ccf024-7885-415b-95c0-1230f354e978
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: GjMn1EGSjoEFmVA=
access-control-allow-methods: POST,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: o7_DcmIkHg7B-wcQH1Olkp-AQw3Tr-LfXt3wZ4WNRdx5pW6LHwDoXQ==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
257 B 55ms
55ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&ists=1&prev_scp=pos%3Doop_v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985786&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=993202187&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3054&msz=0x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

f4de16748f49b66d05101ff51b725c29d73dca7521d8866c507490c35a753f5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
260 B 42ms
42ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=pos%3Dfloor_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985788&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=4013581329&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3054&msz=0x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

d3949fde8b66050d588bef0ec392edc595de79d201987c5b4b2bb210ff95cf14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
10 KB 53ms
53ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985789&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3652044768&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3054&msz=0x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

aab82336358f7ee0ae68d0de3f901b729844a2fecda6380deb0309a0b4e90b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10380
x-xss-protection: 0
google-lineitem-id: 5739159316
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364917954
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 453 B
260 B 48ms
48ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=7x7&prev_scp=pos%3Dadhesion_v%26gdpr_banner%3Don%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985791&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=356548446&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x3054&msz=7x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=128&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

9f3a33c4dfb2810800f72eccf21246ae4868d8e007ebe4749c56f73c871b7d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 422 / Show response
api.bibblio.org/v1/content-item-url-ingestions/ 175 B
598 B 174ms
174ms XHR
application/json 13.224.193.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bibblio.org/v1/content-item-url-ingestions/

Requested by

Host: cdn.bibblio.org
URL: https://cdn.bibblio.org/rcm/4.25/bib-related-content.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-64.fra2.r.cloudfront.net

Software

Resource Hash

6daa62ec3812d8c4cc65448351cefcbe9a190ecec9c63cc261d28a851632d5fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer cad9e1a0-1087-4b12-918a-6a2155eb25a3
Content-Type: application/json

Response headers

date: Fri, 01 Oct 2021 22:39:46 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 69529273-8f74-4240-a2c1-a6ed79c10ccd
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Error from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61578e31-7d83e41f3c9637c05c3bb8b2;Sampled=0
x-amz-apigw-id: GjMn1Er1DoEF5AA=
content-length: 175
x-amz-cf-id: f2LwWBv5abPSEbRmn7UOWo9Us41SXmExY2dyI4y1KxgTJSbbbuqoQw==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 48ms
48ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3D300_2v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985810&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=988&adys=128&adks=377514299&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x0&msz=300x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

c75e89ed744facecdd40c0d2eb96e70bee72601d862b05365dd06c70638f9d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11012
x-xss-protection: 0
google-lineitem-id: 5742864868
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345577888
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 47ms
46ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=970x90%7C970x250%7C728x90&prev_scp=pos%3D728_1v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985814&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=107&adks=3440152337&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=984x0&msz=970x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

39a71a84ae009f0576be5e2ed1790f0d4062818ac64f50bc700bb751d6279810

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11027
x-xss-protection: 0
google-lineitem-id: 5711390300
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138359005438
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
9 KB 48ms
47ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250%7C5x5&prev_scp=pos%3D300_1v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985817&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=988&adys=128&adks=3018244738&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=308x0&msz=300x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

5cda714b092b303eebe05f38b4cc81a2a52412010298801e4a1e42fa94619250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9033
x-xss-protection: 0
google-lineitem-id: 5742864868
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138346212860
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 22 KB
9 KB 56ms
56ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&prev_scp=pos%3Dnative_1v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985819&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=308&adys=1118&adks=489372232&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=646x0&msz=646x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

8e12250829d915f99d633d343bde700f4650f3837c5a7bd5d7ac5ba90b880616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9061
x-xss-protection: 0
google-lineitem-id: 5662689032
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138361506903
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 50ms
49ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=1x1&prev_scp=pos%3Dvideo_v%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985822&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=308&adys=510&adks=3980632022&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=646x1700&msz=646x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

c35f442385fe4be96dfeb066b74ad0853ccab5fd66c8d88f6248c1fdb8b89f6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
google-lineitem-id: 5674929725
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138347225724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
11 KB 54ms
54ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3678260115903766&correlator=4167607185583159&output=ldjh&impl=fif&eid=31060200&vrg=2021092001&ptt=17&npa=1&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cattacks-breaches&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3D300_1v_article%26ptype%3Darticle%26pageid%3Dblt54ccda7beabeb2f6%26aid%3D648077&cookie_enabled=1&bc=31&abxe=1&lmt=1633127985&dt=1633127985824&dlt=1633127983949&idt=157&frm=20&biw=1600&bih=1200&oid=2&adxs=654&adys=730&adks=3089147345&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.darkreading.com%2Fattacks-breaches%2Fbloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=1886204567.1633127985&ga_sid=1633127986&ga_hid=248831093&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

c18684813fb81cc9996016ac08f9745eef636defd95f8c093aaa23afa766a943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11041
x-xss-protection: 0
google-lineitem-id: 5657449576
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345706375
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 rum Show response
www.darkreading.com/cdn-cgi/ 0
237 B 14ms
13ms XHR
text/plain 104.17.118.99
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.118.99 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-fetch-mode: cors
origin: https://www.darkreading.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
cookie: _gcl_au=1.1.107122999.1633127985; _cb_ls=1; _cb=Du8_F9BjzrYBBAGDCn; _chartbeat2=.1633127984750.1633127984750.1.DPc-0fEDvpRD0v3MwBNNv2gc3Dzo.1; _cb_svref=null; _ga=GA1.2.1886204567.1633127985; _gid=GA1.2.1143257217.1633127985; _gat_UA-135180592-2=1; dpm_url_count=1; _hjid=9e3d2018-3aff-4266-a10c-d223e7a19c16; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; __Secure-next-auth.callback-url=https%3A%2F%2Fwww.darkreading.com; _hjIncludedInSessionSample=0; __Host-next-auth.csrf-token=a69e3528261daff7bb5ccc919e8f32331fb41cfe7a635e34f93914870abf7e48%7C146ca5c17fb7fcd5bfe9e96561fbb13d1912dd3fe1f5c354c36ead6f6e36e09f; ELOQUA=GUID=DDC5D83AD4A948938EE0FF2473300251; informa_gdpr_cookie=1
content-length: 21357
:path: /cdn-cgi/rum?
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: www.darkreading.com
referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json

Response headers

date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 697930576ae1974e-FRA
vary: Origin

GET
H2 404 recommendations Show response
api.bibblio.org/v1/ 9 B
422 B 356ms
356ms XHR
text/plain 13.224.193.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bibblio.org/v1/recommendations?limit=6&page=1&fields=name,url,moduleImage,datePublished,author,customFields,description&customUniqueIdentifier=blt54ccda7beabeb2f6&corpusType=syndicated&moduleSettings=eyJzdHlsZVByZXNldCI6ImRlZmF1bHQiLCJzdHlsZUNsYXNzZXMiOiJiaWItLWdyZC00IGJpYi0td2lkZSBiaWItLXNoaW5lIiwic3VidGl0bGVGaWVsZCI6ImRlc2NyaXB0aW9uIiwiZGF0ZUZvcm1hdCI6IkRNWSIsInRydW5jYXRlVGl0bGUiOm51bGwsImhpZGRlbiI6ZmFsc2V9&moduleVersion=4.25.0&moduleId=bibblio_rcm_footer

Requested by

Host: cdn.bibblio.org
URL: https://cdn.bibblio.org/rcm/4.25/bib-related-content.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-64.fra2.r.cloudfront.net

Software

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Referer: https://www.darkreading.com/
Accept-Language: de-DE,de;q=0.9
Authorization: Bearer cad9e1a0-1087-4b12-918a-6a2155eb25a3
Content-Type: application/json

Response headers

date: Fri, 01 Oct 2021 22:39:46 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 4e8508f8-4700-4041-b81d-2d4c12392489
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: Error from cloudfront
content-type: text/plain
access-control-allow-origin: *
x-amzn-trace-id: Root=1-61578e31-7aa8c2d844fb17d7251e51ae;Sampled=0
x-amz-apigw-id: GjMn1FhtjoEF4Qg=
content-length: 9
x-amz-cf-id: B6OsaYAAmA4zOdok9nyCOqpVcMxqF-znbxzfg6iDdLieLx8SmFId4g==

OPTIONS
H2 200 recommendations
api.bibblio.org/v1/ Frame 0
0 102ms
95ms Preflight
application/json 13.224.193.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

13.224.193.64 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-64.fra2.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type
Origin: https://www.darkreading.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Fri, 01 Oct 2021 22:39:45 GMT
x-amzn-requestid: 398f9eeb-916e-4f00-8ddb-16f9ad5a4b14
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: GjMn1FxWDoEFwwQ=
access-control-allow-methods: GET,OPTIONS
x-cache: Miss from cloudfront
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: OxowSGl7crcTWTUI_-HWTEcRKT3__n6TBw55oavOdHMiOfNyDAvYwQ==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 42ms
19ms XHR
application/json 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a0d7f58867112605d50eabac70d91c0ff918ff460174678271959df2e4f24862

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Oct 2021 22:39:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8600
x-xss-protection: 0

GET
H2 200 15315645946649443377
tpc.googlesyndication.com/simgad/ 161 KB
162 KB 60ms
15ms Image
image/png 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15315645946649443377?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

3a4a9573b236baf6ec2b0f258521e1f889858cb153f8fa2c5b1a559d07737b1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 26 Sep 2021 07:35:32 GMT
x-content-type-options: nosniff
age: 486253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164835
x-xss-protection: 0
last-modified: Thu, 27 May 2021 13:50:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 26 Sep 2022 07:35:32 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d97cd17883ca5ab4699fd714bb6a3657949e425b634eefb003d6efd92625fe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
23 B 43ms
42ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstr7dUklKqIjtmAi94WMBK7gAFujze70tv1jSLf4o4znP5B8wRRP3TJK6BmXPH2oJYR-7guW3K4S0n-HLI2M2YMaM-IdTuLiNDcKrE09VysD68_60Vy8KJTjLaqOCuoZtA03uy3vY9kvg9yno3rORo31mgRn0I--tGdani8rSPfiQ7nfzI3iF3rRl6VY4mUB7eyz_mAJLYInVlkwvspNljdEfxMNQlA6Km6VXNMoiCoAKwi6_sADIZ-j15irf4N8yo-tPGeHSUMKh-S2_6t7PIjUOiYETYHNc0_KFdFO3Q5qB-iSFItsw0TjjgjeHHktaKP3_9S2nXtrrqp8odh2gR-21OawaBVUvQXT_I&sig=Cg0ArKJSzB547f9MZ2bqEAE&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/attacks-breaches/bloodystealer-advanced-new-trojan-targets-accounts-of-popular-online-gaming-platforms

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 01 Oct 2021 22:39:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1560ms
1541ms Script
text/javascript 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 22:39:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Fri, 01 Oct 2021 22:39:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 7A61 12 KB
5 KB 36ms
13ms Document
text/html 142.250.184.193
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.193 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkreading.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 01 Oct 2021 20:54:24 GMT
expires: Sat, 01 Oct 2022 20:54:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6323
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ADDC 783 B
533 B 38ms
22ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

bb399c93940996c47aa528b004a3955cb9cdf8eb3eb296fda8bdaa92d0b064ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uH/hqITtCynBDGLmEmrWRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.darkreading.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 01 Oct 2021 22:39:47 GMT
date: Fri, 01 Oct 2021 22:39:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uH/hqITtCynBDGLmEmrWRA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ADDC 0
0 46ms
31ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092001&jk=3678260115903766&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7A61 35 KB
13 KB 21ms
7ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/NNk1vzza2fvPfI2QNF-UnTMKXalxTSrKsyU60SrCuuY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 07:52:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13338
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:08:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 01 Oct 2022 07:52:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 25ms
25ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092001&jk=3678260115903766&bg=!7u2l7anNAAZNQyuQTUM7ACkAdvg8WuZQMpGjBEo_lNDRaCzWKZUuwvcix-CdMlynYz1XLNP-qqepMwIAAABdUgAAAAxoAQeZAtDw5DoMfa6YWbbpvSkg19LoXP1IuEtc8_hMRxAeIsmc2R-HGA8gmYKX0W40f9H3g2XAGTDYUWnA3N2otQbF0Xr6mp3N8lxPvVART5km1R41IYqBJc4YSWjNqPosXOD1QkR20dfI5b_dxNRLKkVayX3nKb8aSfunnWKvWKL9mYJYkeacb1TnhQVUMmyCuyC5lZ5QaV9oSFK6TsqpSzMaX2w4EABhCdSmb-MvQIvX4EJ_kK_dwKJtZfKfH5howSBYPHevhVjjSmrNQ5j74neH6GS52eiRJhtlYSu5lPwWhGCuLMzUFiBwgEvy4sr6eZ3rXCNG6uaJmEgh0E-K5mmuDvIfyja8Yrz3e1YNX9LXJqGnRBCJPFFeSJzR9xQm4FbFRnD4N9sMTVsJEAAerAmv0FmMnVWIHnd9Gwr9r27WpV2DtmUNbIciP7nP9BNGtgAHSKltQIxqv2IFXk233sqbrLq9Nuyd60T__4T0Zbx7E8F2aCpaUgBJQmVCk9RucxG09Oy2pHQSp1fSJi7pxcOC0TPxuJDLX3LRuI-oA3PoRfYeo2KE856zX8LobS_PwtoH6pnF6bJoIjdJjCtFZxAjtee5fAZ-lcArz4k0UwPWotH9jIVzhTHcn_eVQMZWleB03E88j3i3FFptoS-jyw-D9sXdl5ZkrRnyGF5dReFpPraFy6FiB390APuYacfuK6J38h8jrLf_IPsUQvMJ8LbRx3o3bPIDaGCJTIWktm1bxPNlOrpwF11PNL5IeCZ5pei47qIpioeckyVzzOFMReOdsK6LZa8ExAKdHl9oc7E2SR14ZWCVxlmJr1lM8AyxCu9voXOdS3dMafUlQ589G18NQBilXNXzdJUY_FKNAWBIhfZ0jjscKnEbaZc5hN_75TxBvmuIRIDf00jfqIms9--bf5aeGVCc1YapSyEFkOvtx0F-KJf_ABmrPhqzied1yIJ3L6o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

184 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

27 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.darkreading.com/attacks-breaches	1969-12-31 23:59:59	Name: hasLiveRampMatch Value: true
.darkreading.com/	1970-01-19 23:48:23	Name: _gcl_au Value: 1.1.107122999.1633127985
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: STYISoJ2Hmg
.youtube.com/	1970-01-20 01:57:59	Name: VISITOR_INFO1_LIVE Value: UOy96gz4XUg
www.darkreading.com/	1970-01-20 07:07:35	Name: _cb_ls Value: 1
www.darkreading.com/	1970-01-20 07:07:35	Name: _cb Value: Du8_F9BjzrYBBAGDCn
www.darkreading.com/	1970-01-20 07:07:35	Name: _chartbeat2 Value: .1633127984750.1633127984750.1.DPc-0fEDvpRD0v3MwBNNv2gc3Dzo.1
www.darkreading.com/	1970-01-19 21:38:49	Name: _cb_svref Value: null
.darkreading.com/	1970-01-20 15:09:59	Name: _ga Value: GA1.2.1886204567.1633127985
.darkreading.com/	1970-01-19 21:40:14	Name: _gid Value: GA1.2.1143257217.1633127985
.darkreading.com/	1970-01-19 21:38:48	Name: _gat_UA-135180592-2 Value: 1
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_url_count Value: 1
.darkreading.com/	1970-01-20 06:24:23	Name: _hjid Value: 9e3d2018-3aff-4266-a10c-d223e7a19c16
.darkreading.com/	1970-01-19 21:38:49	Name: _hjFirstSeen Value: 1
.adnxs.com/	1970-01-19 23:48:23	Name: uuid2 Value: 5246352413000860545
www.darkreading.com/	1970-01-19 21:38:48	Name: _hjIncludedInPageviewSample Value: 1
.darkreading.com/	1970-01-19 21:38:49	Name: _hjAbsoluteSessionInProgress Value: 0
.darkreading.com/	1969-12-31 23:59:59	Name: __Secure-next-auth.callback-url Value: https%3A%2F%2Fwww.darkreading.com
www.darkreading.com/	1970-01-19 21:38:48	Name: _hjIncludedInSessionSample Value: 0
www.darkreading.com/	1969-12-31 23:59:59	Name: __Host-next-auth.csrf-token Value: a69e3528261daff7bb5ccc919e8f32331fb41cfe7a635e34f93914870abf7e48%7C146ca5c17fb7fcd5bfe9e96561fbb13d1912dd3fe1f5c354c36ead6f6e36e09f
.dpmsrv.com/	1970-04-10 22:05:27	Name: dpm_pxl Value: 9214c7709bd4fcbfff3a68b061b66e5f0b78cecf
.dpmsrv.com/	1970-04-10 22:05:27	Name: dpm_pxl_aid Value: 5246352413000860545
.darkreading.com/	1970-01-20 07:09:02	Name: ELOQUA Value: GUID=DDC5D83AD4A948938EE0FF2473300251
www.darkreading.com/	1970-01-20 06:24:23	Name: informa_gdpr_cookie Value: 1
.doubleclick.net/	1970-01-20 15:09:59	Name: IDE Value: AHWqTUlUkR9rAlrFZlZbDnraNj6vUWt6FKERC4Fu3EWPcm6zrxttiNutW32IJ5WiHZU
.darkreading.com/	1970-01-20 07:00:23	Name: __gads Value: ID=672c9165d0347111:T=1633127985:S=ALNI_MZ_gqOEEJRa0fIDTMx_tMCA4eG7hQ
www.darkreading.com/	1969-12-31 23:59:59	Name: dpm_time_site Value: 4.008

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://idsync.rlcdn.com/423396.gif?partner_uid=5246352413000860545 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://api.bibblio.org/v1/content-item-url-ingestions/ Message: Failed to load resource: the server responded with a status of 422 ()
network	error	URL: https://api.bibblio.org/v1/recommendations?limit=6&page=1&fields=name,url,moduleImage,datePublished,author,customFields,description&customUniqueIdentifier=blt54ccda7beabeb2f6&corpusType=syndicated&moduleSettings=eyJzdHlsZVByZXNldCI6ImRlZmF1bHQiLCJzdHlsZUNsYXNzZXMiOiJiaWItLWdyZC00IGJpYi0td2lkZSBiaWItLXNoaW5lIiwic3VidGl0bGVGaWVsZCI6ImRlc2NyaXB0aW9uIiwiZGF0ZUZvcm1hdCI6IkRNWSIsInRydW5jYXRlVGl0bGUiOm51bGwsImhpZGRlbiI6ZmFsc2V9&moduleVersion=4.25.0&moduleId=bibblio_rcm_footer Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6600d6d98e534115970f9529a45f3195.js.ubembed.com
a.dpmsrv.com
a436f2daca3454bb9cd21c44a24d9fd3.safeframe.googlesyndication.com
adservice.google.com
api.bibblio.org
assets.ubembed.com
beta.darkreading.com
cdn.bibblio.org
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsimg.ubm-us.net
eu-images.contentstack.com
fonts.gstatic.com
ib.adnxs.com
idsync.rlcdn.com
img.en25.com
in.hotjar.com
pagead2.googlesyndication.com
ping.chartbeat.net
s.dpmsrv.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
stats.g.doubleclick.net
tpc.googlesyndication.com
trk.darkreading.com
vars.hotjar.com
www.darkreading.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
104.111.229.66
104.16.18.94
104.16.95.65
104.17.118.99
104.21.66.12
13.224.190.164
13.224.193.116
13.224.193.120
13.224.193.122
13.224.193.126
13.224.193.64
13.225.87.62
142.0.173.134
142.250.181.227
142.250.184.193
142.250.184.196
142.250.185.130
142.250.185.168
142.250.185.193
142.250.185.238
142.250.185.98
142.250.186.67
151.101.1.131
151.101.66.217
172.217.23.110
185.33.223.38
216.58.212.130
216.58.212.162
3.224.4.25
35.244.174.68
52.45.61.27
74.125.140.154
99.81.27.250
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
007a67c914d85cc1a87bbd631a0f561ef6d77adde9321aa5df53d16b3a5d1e7f
01907584ca78ff570ed5e3cd3f309360b9b3909ab11b437070d1d4ab31d8620b
0851cbd91b78802d4bf0d65c598081b24567554b2b8af278c510852e44ca6831
0a0299efd966640f660d57e32381de95ce135bb55acf18cd672ff8a2c402b8a1
0e153b77b7b590360c91df38e894d46fd6061ce57cc0bbbc09f4c408a66bd0c7
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
1904a6f1681862cacc777e086a1ae5464a8c78c3110bf1e845a6cac49f841b48
1ac337f755cdf3c5a9024c9e661ee1906f85a87dd0799419658d244631f9194c
1b70bc18487e03935960a024a87f3c4a982d3eec9b3d25062d3460379f1ac5e7
26a81f9748a42eeb15a43c5cc3c1a7b7582e4d9f0ab3cd5be477f87096eed840
29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c
2c947fb257287976cf7cd15cd2a488c1cc4093a5c5ff2a40a56ba9a7c9e07c08
3070455a521ba6c867d80de2a8eee04ba5888727dfd6d8b05110fcc038373d99
3346de8e2ae1bfde250c7ac5c06f79a0a60c7faef8e5e08a2c9e8fbf5ec2c9e8
34d935bf3cdad9fbcf7c8d90345f949d330a5da9714d2acab3253ad12ac2bae6
383e38db3434b71548c19d9a8e9b1dee58cd4f03e7a5f531acb779d8ff034a41
39a71a84ae009f0576be5e2ed1790f0d4062818ac64f50bc700bb751d6279810
39af455a2b69c42c7d192932c04aae5106bff6194f6d00bb3b23f067455c46d5
3a418f7ec3567130ba266bedd69716a557c2700073c6bd7eb38763f320218ec7
3a4a9573b236baf6ec2b0f258521e1f889858cb153f8fa2c5b1a559d07737b1d
3d74953fccb7a89083f745776f20bce154999699e5940c5f763af666472a7fb9
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
425a7a245152de6efd4fba9eb8e5fd6039fdbceb14bd136e81dc4e378a25f5b6
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
57f5a86125c4429ee24d506b380c5f442822e169d708b7703906b0fad7468404
5ccb86c5cca20d69f5da56707c66f6e0c2656ae43fe626f94ca2fc1a46b5026a
5cda714b092b303eebe05f38b4cc81a2a52412010298801e4a1e42fa94619250
60973c564293b265321d9d256011c7ec10c973d7fb30c737c3e83db719391aa5
612e6b00354d56a1726cd40dc9a28d83ffda033d63214eae704d1e61ef59b3b5
6414656f939f73a463499bd2c5a8f75793658adf6e05d0e4cd61d1ba36636b94
6474fd642f8fe734719116a57ed22f08e2c5010c871236495c8383f5c8086f38
6666112eaba97ed82bf1a45990a9f83ec64a04c28ed37a4ac1b2ad1fed5284d9
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6daa62ec3812d8c4cc65448351cefcbe9a190ecec9c63cc261d28a851632d5fa
709d361139196c013b33cae8b090ae17656126dbe00bf1baee164abb2186dc3e
74822578ac25d8a2436dce2997b12d4dcf7ae6efee1e5c681aa0c17a5edb47d4
757c66837cfbe8c2533e8c41099d8e50b20f83fbf84ead6a6d7435dcc2ad0884
7c34c55b13bbb4b84c3d72e83a224c5f80197161356b4f11f957782a71b97e28
7d97cd17883ca5ab4699fd714bb6a3657949e425b634eefb003d6efd92625fe7
820baf6a25ee06590a1875ea3ff1aca61f8270946692845eea0643249ae62778
84e6038a0998977dd537acd25f8a8ea7c6b8496dd0c0478927862eae445cf9a0
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
89d5b098073548b72a4174a44dbe90a7045e33a04ea9f12aeee6a54c8ec69424
8e12250829d915f99d633d343bde700f4650f3837c5a7bd5d7ac5ba90b880616
963c7ae00970b79820e2ae3643a79e3cb42b790e9442ad1e6b2dcfaa650b73ed
99c834f8b8e2b2e06beb8c761c9ff6826078f8f7db13bc011f85ec0cbedae5fb
9a56dc4627d4adbf44ec845d08aed2859b459b19f76157c05df5532f2c650e08
9f3a33c4dfb2810800f72eccf21246ae4868d8e007ebe4749c56f73c871b7d15
9ff030a206ff192cf44fcc228d73f5774ae3802e24182f3000dfba1b97fe53a6
a0428c36942097bbf7cc98bcebc81dee047382fac414217e89cc572c7f9473f6
a0d7f58867112605d50eabac70d91c0ff918ff460174678271959df2e4f24862
a2983429e4fac7e741631230b47b0b992c1c429503d276d79e894220b6962fc2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464
aab82336358f7ee0ae68d0de3f901b729844a2fecda6380deb0309a0b4e90b8b
ab95872c4726727a3b09b1f8c28490c70b7e407e97fd93bbfb75a2ecc5faac36
acd89c8dd5cc9cf47ee574302ec883993c33d419da8840ddb05763b857f1f09f
b0236d5c7c5a438a04858e85fe41d24cdcc0cf55a99a45cd2dc36bef08905980
b0d07fd0ecfc8286de3cb0d3d5267f2c6c668c267ad547369585bc13b7d7f6f8
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b32c9c990ccecb65d55fb56d5801ae902db32aebd81812aa11340d1741ca20ab
bb399c93940996c47aa528b004a3955cb9cdf8eb3eb296fda8bdaa92d0b064ac
c18684813fb81cc9996016ac08f9745eef636defd95f8c093aaa23afa766a943
c25e928cc859315643fd8a46eadb1bbcaad8669c0a9c8ecc66b372738a8a58ae
c35f442385fe4be96dfeb066b74ad0853ccab5fd66c8d88f6248c1fdb8b89f6f
c6a030cc406c47ff5e25872343a509abcc0c2f024257d564d3d08c72197ed85a
c75e89ed744facecdd40c0d2eb96e70bee72601d862b05365dd06c70638f9d7e
cdb4392404ba3b9a4057e5ade4007e7b1c24aabf959320da364c0a1cb08565cb
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0455859d4e251ea8ce154794beebdb7737c418d8357d55b828262a8be0f8a86
d1fb8d8337cd22568295b0ed998c85c58f0b4cd083af0b0db21cb0af80002f2d
d3949fde8b66050d588bef0ec392edc595de79d201987c5b4b2bb210ff95cf14
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a1598944cdacee0760775794bff19417c31947033f3b013af8b6ceac45875c
e63c4547c5db62988c9647e7f18ec298b5a9dd94a841285b7118a75b8c8f6eec
e6662249db09c83d3c8d1a580d1ab3f222044c2f4fc90f63c4fa866f920b1695
ea1cd29d37abe22b21d86319fe5a6329859bece19d2aba6125e789c46c812e72
eb1e150667a1699d56e4993594a25afc18e44453d8a1db11e1204c25eec745c0
eb9f8497b8a8171e4a45e3040f8e023f98b4a36a6ef23fb1e14e0cf2d0a7111f
ecf61588c25ee18af03e68239e8098d3e617a0700836e67915da2c0377b73a36
ed7e9d8f6ba6c9ba5270b06f126116f4191b87d0b7de5e012c15c761d74b2c82
f1ccea6b7204d9f7913ab45e1afa51d79f83bd4f0319de937b0132e6e02b1aab
f4de16748f49b66d05101ff51b725c29d73dca7521d8866c507490c35a753f5b
f9980be9d70ed95faba94cd96d8b823f15513d20301811146fd675dd6d286e7e
fb71b7b8e777bfc8097ae85fa67cab4288b7a0a2e32a1db784430dcb449e22c3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffcaeef328a1e67717f714997426aaf936e4b9d378a5fbe1bd2a063dfeb50750

www.darkreading.com Open in urlscan Pro 104.17.118.99 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

98 Requests

100 %HTTPS

0 %IPv6

21 Domains

35 Subdomains

32 IPs

5 Countries

1812 kBTransfer

5778 kBSize

27 Cookies

1 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.darkreading.com Open in urlscan Pro
104.17.118.99 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

100 %
HTTPS

0 %
IPv6

21
Domains

35
Subdomains

32
IPs

5
Countries

1812 kB
Transfer

5778 kB
Size

27
Cookies

98 HTTP transactions
1 data transactions