www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Submission: On February 29 via api (February 29th 2024, 2:14:29 am UTC) from TR — Scanned from DE

Summary HTTP 247 Redirects Links 38 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 26 domains to perform 247 HTTP transactions. The main IP is 2606:4700::6812:6e2f, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.darkreading.com. The Cisco Umbrella rank of the primary domain is 146412.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 9th 2023. Valid for: a year.

This is the only time www.darkreading.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
80	2606:4700::68... 2606:4700::6812:6e2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
10	2606:4700::68... 2606:4700::6812:82ec	13335 (CLOUDFLAR...) (CLOUDFLARENET)
27	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::ac40:9b77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42::649 2a04:4e42::649	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	108.138.36.70 108.138.36.70	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:237... 2600:9000:237d:b600:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:27b5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.192.117 18.66.192.117	16509 (AMAZON-02) (AMAZON-02)
1	185.221.87.23 185.221.87.23	54113 (FASTLY) (FASTLY)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
1	99.84.88.46 99.84.88.46	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.2 99.84.88.2	16509 (AMAZON-02) (AMAZON-02)
1	52.20.246.2 52.20.246.2	14618 (AMAZON-AES) (AMAZON-AES)
1	18.173.187.84 18.173.187.84	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
2	2a05:d018:94a... 2a05:d018:94a:8a02:b408:7d40:7264:595f	16509 (AMAZON-02) (AMAZON-02)
15	184.30.17.133 184.30.17.133	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	54.167.226.184 54.167.226.184	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:6c2f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.196.132.224 18.196.132.224	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:440... 2606:4700:4400::6812:2595	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	141.147.81.223 141.147.81.223	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	52.72.19.156 52.72.19.156	14618 (AMAZON-AES) (AMAZON-AES)
32	18.173.187.26 18.173.187.26	16509 (AMAZON-02) (AMAZON-02)
9	52.2.208.119 52.2.208.119	14618 (AMAZON-AES) (AMAZON-AES)
247	40

80 2606:4700::6812:6e2f (United States)

ASN13335 (CLOUDFLARENET, US)

www.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

eu-images.contentstack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:82ec (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::649 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www3.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

marketingplatform.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.36.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-70.muc50.r.cloudfront.net

static.iris.informa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:b600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:27b5 (United States)

ASN13335 (CLOUDFLARENET, US)

6600d6d98e534115970f9529a45f3195.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-117.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.87.23 (Ireland)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-46.muc50.r.cloudfront.net

cdn.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-2.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.246.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-246-2.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-84.muc50.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:94a:8a02:b408:7d40:7264:595f (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

cognito-identity.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.167.226.184 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-167-226-184.compute-1.amazonaws.com

ads.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:6c2f (United States)

ASN13335 (CLOUDFLARENET, US)

c.darkreading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.132.224 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

eu01.in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2595 (United States)

ASN13335 (CLOUDFLARENET, US)

api.iiris.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.147.81.223 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.72.19.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-19-156.compute-1.amazonaws.com

in.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 18.173.187.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-26.muc50.r.cloudfront.net

cache-ssl.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.2.208.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-208-119.compute-1.amazonaws.com

track.celtra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
81	darkreading.com www.darkreading.com — Cisco Umbrella Rank: 146412 c.darkreading.com — Cisco Umbrella Rank: 367355	992 KB
42	celtra.com ads.celtra.com — Cisco Umbrella Rank: 4215 cache-ssl.celtra.com — Cisco Umbrella Rank: 5156 track.celtra.com — Cisco Umbrella Rank: 4992	700 KB
29	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 www3.doubleclick.net — Cisco Umbrella Rank: 18521 stats.g.doubleclick.net — Cisco Umbrella Rank: 85	252 KB
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 161	493 KB
16	moatads.com z.moatads.com — Cisco Umbrella Rank: 764 mb.moatads.com — Cisco Umbrella Rank: 902 px.moatads.com — Cisco Umbrella Rank: 674	343 KB
13	contentstack.com eu-images.contentstack.com — Cisco Umbrella Rank: 45054	254 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 330	289 KB
4	informa.com static.iris.informa.com — Cisco Umbrella Rank: 51039	327 KB
4	google.com marketingplatform.google.com — Cisco Umbrella Rank: 15898 region1.analytics.google.com — Cisco Umbrella Rank: 2663 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	ml314.com ml314.com — Cisco Umbrella Rank: 1975 in.ml314.com — Cisco Umbrella Rank: 10246	12 KB
3	treasuredata.com cdn.treasuredata.com — Cisco Umbrella Rank: 13421 eu01.in.treasuredata.com — Cisco Umbrella Rank: 22951	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	244 KB
2	iiris.com api.iiris.com — Cisco Umbrella Rank: 151264	2 KB
2	amazonaws.com cognito-identity.eu-west-1.amazonaws.com — Cisco Umbrella Rank: 8544	2 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 710 script.hotjar.com — Cisco Umbrella Rank: 961	60 KB
2	ubembed.com 6600d6d98e534115970f9529a45f3195.js.ubembed.com — Cisco Umbrella Rank: 277379 assets.ubembed.com — Cisco Umbrella Rank: 11934	49 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1441	201 B
1	google.de www.google.de — Cisco Umbrella Rank: 6553	408 B
1	nr-data.net bam.eu01.nr-data.net — Cisco Umbrella Rank: 9363	462 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1719	15 KB
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 592	29 KB
1	gstatic.com fonts.gstatic.com	46 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 554	303 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 787	7 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 32	1 KB
247	26

	Domain	Requested by
79	www.darkreading.com	www.darkreading.com
32	cache-ssl.celtra.com	ads.celtra.com
27	securepubads.g.doubleclick.net	www.darkreading.com pagead2.googlesyndication.com
13	eu-images.contentstack.com	www.darkreading.com
12	px.moatads.com
12	tpc.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net
10	cdn.cookielaw.org	www.darkreading.com cdn.cookielaw.org
9	track.celtra.com
8	pagead2.googlesyndication.com	www.darkreading.com securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
4	static.iris.informa.com	www.darkreading.com
3	z.moatads.com	securepubads.g.doubleclick.net
3	www.googletagmanager.com	www.darkreading.com
2	ml314.com	z.moatads.com ml314.com
2	api.iiris.com	www.darkreading.com
2	eu01.in.treasuredata.com	www.darkreading.com
2	c.darkreading.com	static.iris.informa.com
2	www.google.com	securepubads.g.doubleclick.net www.darkreading.com
2	cognito-identity.eu-west-1.amazonaws.com	www.darkreading.com
1	in.ml314.com	ml314.com
1	mb.moatads.com	z.moatads.com
1	ads.celtra.com	www.darkreading.com
1	assets.ubembed.com	www.darkreading.com
1	ping.chartbeat.net
1	script.hotjar.com	www.darkreading.com
1	cdn.treasuredata.com	www.darkreading.com
1	2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com	www.darkreading.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	bam.eu01.nr-data.net	www.darkreading.com
1	static.hotjar.com	www.darkreading.com
1	6600d6d98e534115970f9529a45f3195.js.ubembed.com	www.darkreading.com
1	static.chartbeat.com	www.darkreading.com
1	marketingplatform.google.com
1	www3.doubleclick.net	1 redirects
1	js-agent.newrelic.com	www.darkreading.com
1	fonts.gstatic.com	fonts.googleapis.com
1	geolocation.onetrust.com	www.darkreading.com
1	static.cloudflareinsights.com	www.darkreading.com
1	connect.facebook.net	www.darkreading.com
1	fonts.googleapis.com	www.darkreading.com
247	41

This site contains links to these domains. Also see Links.

Domain
www.informa.com
dr-resources.darkreading.com
twitter.com
www.linkedin.com
www.facebook.com
www.youtube.com
news.google.com
www.twitter.com
www.reddit.com
assets-global.website-files.com
ve.informaengage.com
www.blackhat.com
darkreading.tradepub.com
www.informationweek.com
informationweek.com
info.wrightsmedia.com
www.informatech.com
www.onetrust.com

Subject Issuer	Validity	Valid
darkreading.com Cloudflare Inc ECC CA-3	`2023-04-09` - `2024-04-08`	a year	crt.sh
*.contentstack.com Gandi Standard SSL CA 2	`2023-07-03` - `2024-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2023-04-01` - `2024-03-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-08` - `2024-03-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2023-11-13` - `2024-11-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
static.iris.informa.com Amazon RSA 2048 M01	`2023-07-04` - `2024-08-01`	a year	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.js.ubembed.com E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
*.eu01.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2023-11-03` - `2024-10-01`	a year	crt.sh
www.google.de GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.treasuredata.com Amazon RSA 2048 M01	`2023-07-19` - `2024-08-16`	a year	crt.sh
*.chartbeat.net Thawte TLS RSA CA G1	`2023-11-20` - `2024-12-20`	a year	crt.sh
assets.ubembed.com Amazon RSA 2048 M03	`2023-12-06` - `2025-01-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cognito-identity.eu-west-1.amazonaws.com Amazon RSA 2048 M02	`2023-05-08` - `2024-06-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
celtra.com Amazon RSA 2048 M03	`2023-12-10` - `2025-01-07`	a year	crt.sh
*.in.treasuredata.com Amazon RSA 2048 M02	`2023-05-25` - `2024-06-22`	a year	crt.sh
iiris.com GTS CA 1P5	`2024-01-02` - `2024-04-01`	3 months	crt.sh
event-horizon.gcp.bomm.in GTS CA 1D4	`2024-02-28` - `2024-05-28`	3 months	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
*.ml314.com Amazon RSA 2048 M02	`2023-10-16` - `2024-11-12`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Frame ID: 7C3603A2F4793A2907D862F035A8E8C5
Requests: 178 HTTP requests in this frame

Frame: https://2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF0175A8E3F40C25DA7C4769FA16D792
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/abg_lite_fy2021.js
Frame ID: D967B01B12B00CC175D438EF781E7892
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwY8xGpB3JN5GwSPlnluGQz4Cp2eC_FZ7PQZRDzFbUyZIAdMXSImCvtPVUx6Ie3hQMWY1gTy5-TrD7wS3xerqlE5VNBp-NdswVoG2uvQOqB5U6Ao6vpYpsgdrHTPU0JW9v1nngl1pwgvcCG0Prf0xb3ivytHckoGXwpyRN9bmrNoyD9W0pnf96etgNsCefpl4hfY2XpIgH7QoZpjwHpV7GCPs2_vutnxMU2-1CE9l0AFR9FE6-D6jF5spTmqAnI1Kaov02ez6AS5EVNmHqfLzepMJinru1xQ8p-71tAEnW6St0gw-JQlVeP3aODipAQMv1ZtK8A3Pym5sBYhB2G0QDvQkdv6qu-5ZP_t5tP6Jxm7bEp69EHAowAQth9-2vcxgm9L_4_cedtbh02leHWw&sai=AMfl-YQg8IWE1XtB3tVBqn-Ac0hfO-xtflLVv-QQKoGvvTJxCvrCul00Kn-dWm0gmSsIy7_E3R3L3CzqSjt-2hx8prUXAYbVVo2ahFd_Rx_t_tDQ3uxpP9RFgIGfN6uiLqchvMewOn82Iuk9HGO6x4e2bTQ&sig=Cg0ArKJSzLO7BuNJGzavEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 95ABB5DC2D38833B684AA7D85040EFA6
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvN6kfkkDk-IyQox0RWMNpttLfZdC8MzvUJpJwXnNm79MmR004OqHe6CPYT-_ycbfi9jMxrdxcfY3jm71ewl_zVEJSIBU3jyz0oP_C85jPapxN2yIh4mkY8M4d7Ss9G7aphE3iWvng966TJBAsqVRTvNk7mmmCrRPYl4WhfHhr2Y_NlEKmfuoDAa6ap3adqSMBqpj8Q4WlPUF9-rBsWMDCDAWooxYvhB1uQl7DbH1ZxsRMnToAb_il5GRA2e99FHmEDlRzYUiDa6SDGkwFGo4j9Ne3nSqmyAPA1h7ASwmNqEws9WCsZ764N9IYLAAoVVpP3Z9WVMhQ8OFNF5qy0NxbKf2P2Ga8C17F6K9F0JANt9kt2aOu9dkk4ekUGDWle3zhzaHI-g&sai=AMfl-YSAAFjlzOuTDdaQ0xBDj20lt7Qvv4YtwscpGC_av6fESjdMNDp36ZUDvangKyRWHhr6l9oTnZjB_Nf6G4hZ95W0ILglhX09A-rebZWxNcHqyGyAjPlROvHWp82t1w&sig=Cg0ArKJSzOu43BfUvv1_EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 8CBACFB16B0BDC1165FD4CB90CC516F5
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZEXMKOdw_QiceXtcO8ipmxIIRAlhyqeF51o1dl2Agra2ighhpLPSUDXGd-bDSaU6U5OgA_BVbdjjYR3BRCZqPNZL6Xu8QoOdhgm8eFYgnRdQAHYnxxvg0a__MbHpw8jGH0oVUkzkaHCWRbx6K6Z9OEhmifSPP0xhW7v3j20CYSv2ejnRPa0hUV80n_jB3CKfnUSIP72ntXrVG9hJNc1yxrdZ7_hsN1vDD8t3vjHyozP4TqT_mRVUhCaRVqRZOj-5iglDf1bKduzEgxAMUxtBVK4QIlrMkrNvisTigNA1Z91Tm5AphKRmnR_jw3yxudmUt4UqsenzgpVnGjuGfFWya-zj3n5sVMrxSgkJcmpsyPOxBmGAD20yd_eUg3f6PsCcCroVlDWRsfmk&sai=AMfl-YQIbTKgCnC6mF5UGLPYB9vNoto4ryiNwqqPFYvHlljatxLHCJyl7OamWNQfUR-vZuGTZ97m3tZa7DNL_MljlN3ji5lthpxIe4R3QN9dnAHiaJp80s4V38cwc_rGgw&sig=Cg0ArKJSzCvPxgcaHqTAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: B8AF5551AE889CD59B65723ACA792FBC
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 86421BA46F4776CD87902DC095E9DD78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E04357B24752EA3D5B76FDDB28450038
Requests: 2 HTTP requests in this frame

Frame: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()%2C-01235689%3AABCDEFGHIKLMNOPQRSTUVWZabcdefghiklmnoprstuvwxy%E2%84%A2
Frame ID: F941B9F7A0CE4C3AF3FCC5709CC2602B
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meet 'XHelper,' the All-in-One Android App for Global Money LaunderingCookies ButtonBack ButtonSearch IconFilter Icon

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Page Statistics

247
Requests

99 %
HTTPS

60 %
IPv6

26
Domains

41
Subdomains

40
IPs

5
Countries

4144 kB
Transfer

11543 kB
Size

22
Cookies

38 Outgoing links

These are links going to different origins than the main page.

URL: https://www.informa.com/
Title: Informa PLC

Search URL Search Domain Scan URL

URL: https://www.informa.com/about-us/
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://www.informa.com/investors/
Title: INVESTOR RELATIONS

Search URL Search Domain Scan URL

URL: https://www.informa.com/talent/
Title: TALENT

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/free/w_defa3135/prgm.cgi
Title: Newsletter Sign-Up

Search URL Search Domain Scan URL

URL: https://twitter.com/DarkReading

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/dark-reading/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/darkreadingcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@DarkReadingOfficialYT

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMKmknwswtq63Aw?ceid=US:en&oc=3&hl=en-US&gl=US

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/sharing/share-offsite/?url=https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Search URL Search Domain Scan URL

URL: http://www.twitter.com/intent/tweet?url=https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering&title=Meet%20%27XHelper%2C%27%20the%20All-in-One%20Android%20App%20for%20Global%20Money%20Laundering

Search URL Search Domain Scan URL

URL: https://assets-global.website-files.com/635e632477408d12d1811a64/65320d7ba79c7763af31cd3e_Loan%20Apps%20Report_Final.pdf
Title: 40,000 individuals in five continents

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_apii04&ch=sbx&cid=_upcoming_webinars_8.500001396&_mc=_upcoming_webinars_8.500001396
Title: API Security: Protecting Your Application's Attack Surface

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_apii04&ch=SBX&cid=_upcoming_webinars_8.500001411&_mc=_upcoming_webinars_8.500001411
Title: API Security: Protecting Your Application's Attack Surface

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo212&ch=sbx&cid=_upcoming_webinars_8.500001399&_mc=_upcoming_webinars_8.500001399
Title: Securing the Software Development Life Cycle from Start to Finish

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_palo212&ch=SBX&cid=_upcoming_webinars_8.500001409&_mc=_upcoming_webinars_8.500001409
Title: Securing the Software Development Life Cycle from Start to Finish

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_jfro07&ch=sbx&cid=_upcoming_webinars_8.500001405&_mc=_upcoming_webinars_8.500001405
Title: How Supply Chain Attacks Work -- And How to Stop Them

Search URL Search Domain Scan URL

URL: https://ve.informaengage.com/virtual-events/cybersecuritys-hottest-new-technologies-what-you-need-to-know/?ch=sbx&cid=_session_16.500316&_mc=_session_16.500316
Title: Cybersecurity's Hottest New Technologies - Dark Reading March 21 Event

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/asia-24/?cid=_session_16.500313&_mc=_session_16.500313
Title: Black Hat Asia - April 16-19 - Learn More

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/tr-24/?cid=_session_16.500312&_mc=_session_16.500312
Title: Black Hat Spring Trainings - March 12-15 - Learn More

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5682&ch=sbx&cid=_analytics_7.300006009&_mc=_analytics_7.300006009
Title: Industrial Networks in the Age of Digitalization

Search URL Search Domain Scan URL

URL: https://darkreading.tradepub.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5680&ch=sbx&cid=_analytics_7.300006008&_mc=_analytics_7.300006008
Title: Zero-Trust Adoption Driven by Data Protection

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_defa5678&ch=sbx&cid=_analytics_7.300006007&_mc=_analytics_7.300006007
Title: How Enterprises Assess Their Cyber-Risk

Search URL Search Domain Scan URL

URL: https://www.informationweek.com/whitepaper/cybersecurity/cloud-security/cloud-and-hybrid-security-tooling-report/429603?cid=_analytics_7.300005898&_mc=_analytics_7.300005898
Title: Cloud & Hybrid Security Tooling Report

Search URL Search Domain Scan URL

URL: https://informationweek.com/whitepaper/software/information-management/forrester-report-the-total-economic-impactandtrade-of-bizagi%E2%80%99s-low-code-intelligent-process-automation-platform/429123?cid=_analytics_7.300005896&_mc=_analytics_7.300005896
Title: Forrester Report: The Total Economic Impact Of Bizagi's Low-Code Intelligent Process Automation Platform

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_snyk100&ch=SBX&cid=_whitepaper_14.500005583&_mc=_whitepaper_14.500005583
Title: Cheat Sheet - 5 Strategic Security Checkpoints

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph159&ch=sbx&cid=_whitepaper_14.500005565&_mc=_whitepaper_14.500005565
Title: Strengthen Microsoft Defender with MDR

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph158&ch=sbx&cid=_whitepaper_14.500005564&_mc=_whitepaper_14.500005564
Title: Stopping Active Adversaries: Lessons from the Cyber Frontline

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph157&ch=sbx&cid=_whitepaper_14.500005563&_mc=_whitepaper_14.500005563
Title: Incident Response Planning Guide

Search URL Search Domain Scan URL

URL: https://dr-resources.darkreading.com/c/pubRD.mpl?secure=1&sr=pp&_t=pp:&qf=w_soph156&ch=sbx&cid=_whitepaper_14.500005562&_mc=_whitepaper_14.500005562
Title: Endpoint Best Practices to Block Ransomware

Search URL Search Domain Scan URL

URL: https://info.wrightsmedia.com/informa-licensing-reprints-request
Title: Reprints

Search URL Search Domain Scan URL

URL: https://www.informatech.com/

Search URL Search Domain Scan URL

URL: https://www.informa.com/privacy-policy/
Title: Privacy|

Search URL Search Domain Scan URL

URL: https://www.informatech.com/terms-and-conditions/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://www3.doubleclick.net/ HTTP 301
https://marketingplatform.google.com/about/enterprise/

247 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request xhelper-all-in-one-android-app-global-money-laundering Show response
www.darkreading.com/threat-intelligence/ 252 KB
49 KB 1367ms
1352ms Document
text/html 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3ac0447b34a3368cdfa012a62b75542709b93ffcfe99254783b54fbf432b441d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=300, s-maxage=300, stale-while-revalidate=1500, stale-if-error=3600
cf-cache-status: EXPIRED
cf-ray: 85cd64afdcd84d73-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 29 Feb 2024 02:14:22 GMT
last-modified: Thu, 29 Feb 2024 00:59:51 GMT
server: cloudflare
strict-transport-security: max-age=3153600000
vary: Accept-Encoding

GET
H2 200 styles.generated-4XZZNIWX.css
www.darkreading.com/build/_assets/ 8 KB
3 KB 21ms
20ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/styles.generated-4XZZNIWX.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Wed, 31 Jan 2024 16:29:25 GMT
server: cloudflare
age: 2388833
etag: W/"1e46-18d605a9288"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b85f9a4d73-FRA

GET
H2 200 swiper.min-FCSS2HML.css
www.darkreading.com/build/_assets/ 5 KB
3 KB 20ms
19ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/swiper.min-FCSS2HML.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=6255
etag: W/"186f-18bfba43688"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b85f9b4d73-FRA

GET
H2 200 brand.generated-3EDYORMH.css
www.darkreading.com/build/_assets/ 377 KB
47 KB 23ms
22ms Stylesheet
text/css 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_assets/brand.generated-3EDYORMH.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63d546f5345b249fd2bd740a93e4fea13d7d6c3db16591445761e0eea10dd270

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579137
cf-polished: origSize=387121
etag: W/"5e831-18dc174dd30"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b85f9c4d73-FRA

GET
H2 200 Moneylaundering_ronstik_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9118494239f7b189/64f159fd96efc91dee2f8eb7/ 2 KB
3 KB 36ms
8ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9118494239f7b189/64f159fd96efc91dee2f8eb7/Moneylaundering_ronstik_Alamy.jpg?width=850&auto=webp&quality=10&format=jpg&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

54b7be659e9b4877f264d3e20706372dd5b1961f3943a3abd8666c5431a88073

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 1732013
x-cache: HIT, HIT
fastly-io-info: ifsz=154386 idim=1200x800 ifmt=jpeg ofsz=2276 odim=850x567 ofmt=webp
filename1: custom
content-disposition: inline; filename=Moneylaundering_ronstik_Alamy.webp
fastly-stats: io=1
content-length: 2276
x-request-id: 0c3e13964d5173dac6158fec239bb177
x-served-by: cache-ams21021-AMS, cache-fra-eddf8230072-FRA
x-runtime: 96ms
server: contentstack
x-timer: S1709172863.841402,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "1ZMXRXzwmYVgFdleTCkzH1EmUzvycrOTyPx6J2LFSTg"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 19, 1

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 59ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 00:23:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Feb 2024 02:14:22 GMT

GET
H2 200 OtAutoBlock.js Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 14 KB
4 KB 37ms
22ms Script
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/OtAutoBlock.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 40867
content-md5: /FIp/4zYapfYlY6Lvx04NA==
content-length: 3637
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B651FF
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 66f60ca1-801e-000e-0e3e-0d1033000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64b86acf8c49-FRA
expires: Fri, 01 Mar 2024 02:14:22 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 29ms
15ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: OKrCs7nhvutcs03VCUskmw==
age: 77146
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6841
x-ms-lease-status: unlocked
last-modified: Tue, 27 Feb 2024 03:06:26 GMT
server: cloudflare
etag: 0x8DC37411679B650
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3633ee45-101e-00a5-122a-696ff9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64b86ad08c49-FRA

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 89 KB
29 KB 44ms
24ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b48789adc5cb2eca799d1780d20d5c9a9023f6f9fb7f2df02d282d2273f89724

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28677
x-xss-protection: 0
server: cafe
etag: 461 / 19782 / m202402220101 / config-hash: 14569663756423285063
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 02:14:22 GMT

GET
H2 200 4b083961-e2ac-4755-8801-f7c83a5fb187.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/ 5 KB
2 KB 44ms
30ms XHR
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/4b083961-e2ac-4755-8801-f7c83a5fb187.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 71720
content-md5: gKK4h+x/dMka9W5jOr1Sww==
content-length: 1918
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:27 GMT
server: cloudflare
etag: 0x8DAE1C578B1E5D5
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 91fc5fcf-001e-003b-56e1-5a9ab8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64b8dc0f5d4a-FRA
expires: Fri, 01 Mar 2024 02:14:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 357 KB
106 KB 77ms
54ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5523ZCM

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

11cc8f8883427da6cada9351cc0b32f789c4c882ac3b1c28251e8e89c2588093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108867
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Feb 2024 02:14:22 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 119 KB
46 KB 43ms
21ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WB8Q7XR

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ad9790a02b38d895d458a98fb02e707b5031a26f533c545d1f8dd953d46468ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47166
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Feb 2024 02:14:22 GMT

GET
H2 200 informaLogoWhite-RZAE7EJI.png
www.darkreading.com/build/_assets/ 3 KB
3 KB 16ms
16ms Image
image/png 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/informaLogoWhite-RZAE7EJI.png

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
cf-cache-status: HIT
cf-bgj: imgq:100,h2pri
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=4020
etag: W/"fb4-18bfba43688"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
cf-ray: 85cd64b90fd24d73-FRA
content-length: 2815

GET
H2 200 email-decode.min.js Show response
www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
851 B 8ms
8ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Feb 2024 17:10:29 GMT
server: cloudflare
etag: W/"65d8d185-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 85cd64b90fd54d73-FRA
expires: Sat, 02 Mar 2024 02:14:22 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
3 KB 29ms
7ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0aa8d78d022a3a963df6a9f76a741013f5fca235afee22bc9b8b2b36e00724ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Feb 2024 02:14:22 GMT
content-md5: jkzC4GCRQScF3Jo3jhVk9g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: vzdM7JnBV8Yit4E07Kj0ABFCWfgwJ5qS4ZNHL1yP6DBn1O7JgBsxUbVh4iG33XJFamphgQNg68pihR/ByK3tkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 47c76b3225d62c62a348753d8a401b47
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b22fa4653c9a871495a324af1f7062ef"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Thu, 29 Feb 2024 02:25:15 GMT

GET
H2 200 entry.client-VOU2QAI4.js Show response
www.darkreading.com/build/ 546 B
426 B 30ms
19ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/entry.client-VOU2QAI4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=547
etag: W/"223-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fdb4d73-FRA

GET
H2 200 chunk-654PJEY4.js Show response
www.darkreading.com/build/_shared/ 121 KB
40 KB 45ms
35ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-654PJEY4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=124372
etag: W/"1e5d4-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fdc4d73-FRA

GET
H2 200 chunk-ADOFUXDS.js Show response
www.darkreading.com/build/_shared/ 122 KB
28 KB 40ms
30ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ADOFUXDS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=125229
etag: W/"1e92d-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fdd4d73-FRA

GET
H2 200 chunk-KQKZX6A4.js Show response
www.darkreading.com/build/_shared/ 52 KB
18 KB 38ms
28ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-KQKZX6A4.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7930232
cf-polished: origSize=54355
etag: W/"d453-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fde4d73-FRA

GET
H2 200 chunk-ZSCMMWXX.js Show response
www.darkreading.com/build/_shared/ 1006 B
622 B 30ms
20ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-ZSCMMWXX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=1007
etag: W/"3ef-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fdf4d73-FRA

GET
H2 200 chunk-YTZSTP3V.js Show response
www.darkreading.com/build/_shared/ 2 KB
803 B 37ms
28ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YTZSTP3V.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08478fd91787479d9e3987318987d1f3dc071b3a96c05c1fc50fc0e1f066700a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579137
cf-polished: origSize=1549
etag: W/"60d-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fe04d73-FRA

GET
H2 200 chunk-TFR26LLE.js Show response
www.darkreading.com/build/_shared/ 2 KB
900 B 36ms
26ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-TFR26LLE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 6869415
cf-polished: origSize=1765
etag: W/"6e5-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fe14d73-FRA

GET
H2 200 chunk-LITACPVI.js Show response
www.darkreading.com/build/_shared/ 1 MB
379 KB 80ms
70ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-LITACPVI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2064e516677b38ec4d7329d24f874e9df683d16073e08df603cf9749187b7ce1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 281656
cf-polished: origSize=1232478
etag: W/"12ce5e-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fe24d73-FRA

GET
H2 200 chunk-SS6XXBBA.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 34ms
24ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-SS6XXBBA.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f572538cd0720e84b6defc20ccc3fda0c9819be2560392f6f1c9bdaa562b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579136
cf-polished: origSize=1996
etag: W/"7cc-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fe44d73-FRA

GET
H2 200 chunk-2MQOLYJ6.js Show response
www.darkreading.com/build/_shared/ 99 B
181 B 35ms
25ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-2MQOLYJ6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b91fe54d73-FRA

GET
H2 200 chunk-4OFPQ62H.js Show response
www.darkreading.com/build/_shared/ 99 B
199 B 46ms
37ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4OFPQ62H.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 7762869
cf-polished: origSize=100
etag: W/"64-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fe64d73-FRA

GET
H2 200 chunk-WJZI62VQ.js Show response
www.darkreading.com/build/_shared/ 2 KB
828 B 42ms
33ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WJZI62VQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3fb57ebee72a46e86dce25a7ab85e532ec7d64b02518fe31daa2b39c91e8430

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579136
cf-polished: origSize=1873
etag: W/"751-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fe74d73-FRA

GET
H2 200 chunk-JSLP45NT.js Show response
www.darkreading.com/build/_shared/ 445 B
381 B 47ms
38ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-JSLP45NT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 2987351
cf-polished: origSize=446
etag: W/"1be-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fe84d73-FRA

GET
H2 200 chunk-EJDXW353.js Show response
www.darkreading.com/build/_shared/ 99 B
154 B 49ms
40ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-EJDXW353.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fe94d73-FRA

GET
H2 200 chunk-W42GJVNL.js Show response
www.darkreading.com/build/_shared/ 286 B
319 B 41ms
32ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W42GJVNL.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 2987350
cf-polished: origSize=287
etag: W/"11f-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fea4d73-FRA

GET
H2 200 chunk-XAGYLX4X.js Show response
www.darkreading.com/build/_shared/ 21 KB
5 KB 50ms
41ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XAGYLX4X.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77d55e5072dcc84c0f117b535cad7f28ef388cbad410e39952fbea5de5df53f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579136
cf-polished: origSize=21151
etag: W/"529f-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92feb4d73-FRA

GET
H2 200 chunk-QF2327UI.js Show response
www.darkreading.com/build/_shared/ 294 B
301 B 48ms
39ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QF2327UI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 7762869
cf-polished: origSize=295
etag: W/"127-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fec4d73-FRA

GET
H2 200 chunk-UQAKNRZB.js Show response
www.darkreading.com/build/_shared/ 98 KB
31 KB 64ms
55ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-UQAKNRZB.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4cbfaf21207e79bf3dff926bdb0a4df8b95481e064deb0e148a27bca5c366c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579136
cf-polished: origSize=100633
etag: W/"18919-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fed4d73-FRA

GET
H2 200 chunk-3SDCUH3N.js Show response
www.darkreading.com/build/_shared/ 2 KB
819 B 67ms
59ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3SDCUH3N.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

522ff037e66aa34ef6ffa88711d8b765991b86f9ffeca4976c5750bb56f1e3ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579136
cf-polished: origSize=1539
etag: W/"603-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fee4d73-FRA

GET
H2 200 chunk-J56IETE6.js Show response
www.darkreading.com/build/_shared/ 99 B
185 B 66ms
58ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-J56IETE6.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7929531
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fef4d73-FRA

GET
H2 200 chunk-NQAR3Q2I.js Show response
www.darkreading.com/build/_shared/ 5 KB
2 KB 51ms
43ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NQAR3Q2I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24a02ac54c4c243167b35a23785d9a9482dcbc2ae44781904bedfffbfb475afe

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=4691
etag: W/"1253-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff04d73-FRA

GET
H2 200 chunk-NYVDH3MD.js Show response
www.darkreading.com/build/_shared/ 99 B
164 B 65ms
57ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-NYVDH3MD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7944465
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff14d73-FRA

GET
H2 200 chunk-D65FSBQX.js Show response
www.darkreading.com/build/_shared/ 73 KB
24 KB 56ms
48ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-D65FSBQX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dcdf2e5ad826b04f561efbaec9c3dbf35c14e78a46b1b24441744ae4509a14f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=76519
etag: W/"12ae7-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff24d73-FRA

GET
H2 200 chunk-BGVAJVIT.js Show response
www.darkreading.com/build/_shared/ 268 B
291 B 52ms
44ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BGVAJVIT.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 7768634
cf-polished: origSize=269
etag: W/"10d-18c20679af0"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff34d73-FRA

GET
H2 200 chunk-RV3JR3RD.js Show response
www.darkreading.com/build/_shared/ 99 B
155 B 50ms
42ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RV3JR3RD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff44d73-FRA

GET
H2 200 chunk-U4RHUKDM.js Show response
www.darkreading.com/build/_shared/ 99 B
181 B 55ms
47ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-U4RHUKDM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff54d73-FRA

GET
H2 200 chunk-WDD67XQQ.js Show response
www.darkreading.com/build/_shared/ 15 KB
6 KB 69ms
61ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-WDD67XQQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=15141
etag: W/"3b25-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff64d73-FRA

GET
H2 200 chunk-DUTNCQDD.js Show response
www.darkreading.com/build/_shared/ 134 KB
41 KB 71ms
64ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DUTNCQDD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df9f568395ee2c8e562831b79d6389474c4a0ff4c5c6dbfd355c0cfd6081bb8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=137889
etag: W/"21aa1-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff74d73-FRA

GET
H2 200 chunk-AEBM4IWQ.js Show response
www.darkreading.com/build/_shared/ 99 B
163 B 54ms
47ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-AEBM4IWQ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7842748
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff84d73-FRA

GET
H2 200 chunk-RLXPUYDF.js Show response
www.darkreading.com/build/_shared/ 214 KB
74 KB 95ms
88ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-RLXPUYDF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11efe79bc9fd298582704ecee9d88a628ac49233ec420ab2cb075dcfc647c019

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=219142
etag: W/"35806-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ff94d73-FRA

GET
H2 200 root-TTOSNFFZ.js Show response
www.darkreading.com/build/ 44 KB
13 KB 74ms
67ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/root-TTOSNFFZ.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99d05e9c814cc9d11bde4f17b37c8658606dbb784365ed7bcf06e5776e6d7ac8

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=44563
etag: W/"ae13-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ffa4d73-FRA

GET
H2 200 chunk-OEUVEBR3.js Show response
www.darkreading.com/build/_shared/ 1 KB
837 B 52ms
45ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-OEUVEBR3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88f755195644054fdb7c99868036a77d7c72634d0d9e925d2e4115f45e5cdd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579135
cf-polished: origSize=1499
etag: W/"5db-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ffb4d73-FRA

GET
H2 200 chunk-BKHV4BSC.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 66ms
59ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-BKHV4BSC.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a198f42d20de2a57d9ca5a07ae2833ad08a545719557e82dce927544761dc70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=3211
etag: W/"c8b-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ffc4d73-FRA

GET
H2 200 chunk-XPGSSNDE.js Show response
www.darkreading.com/build/_shared/ 2 KB
739 B 52ms
46ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XPGSSNDE.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd49fea6814fed9f383b99f2785e6db968b0b123c2aaefcf06646b713cf0f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=2070
etag: W/"816-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ffd4d73-FRA

GET
H2 200 chunk-W6BTXOFW.js Show response
www.darkreading.com/build/_shared/ 1 KB
680 B 69ms
62ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-W6BTXOFW.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0c38a90f582437785036981d25ebd0daa6fd7c2503efd95ade0f3f70beb5fe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=1240
etag: W/"4d8-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92ffe4d73-FRA

GET
H2 200 chunk-7NWBGMD3.js Show response
www.darkreading.com/build/_shared/ 9 KB
3 KB 90ms
84ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7NWBGMD3.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda8a9c1a34b471d120ba00b83f18dd0a78377fe667d7d4406a4bf2affb63c33

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=9117
etag: W/"239d-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b92fff4d73-FRA

GET
H2 200 chunk-CCGANXAI.js Show response
www.darkreading.com/build/_shared/ 4 KB
2 KB 74ms
68ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-CCGANXAI.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eefaada1164e9e8a3e3939cf7a958e1664d1903b6d211ee1e59ee53c4acec326

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 70379
cf-polished: origSize=4128
etag: W/"1020-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928014d73-FRA

GET
H2 200 chunk-6GEGUMFF.js Show response
www.darkreading.com/build/_shared/ 975 B
703 B 86ms
80ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6GEGUMFF.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 2987350
cf-polished: origSize=976
etag: W/"3d0-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928024d73-FRA

GET
H2 200 chunk-HQRTWE5A.js Show response
www.darkreading.com/build/_shared/ 594 B
444 B 72ms
66ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HQRTWE5A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 11 Dec 2023 11:34:07 GMT
server: cloudflare
age: 6869415
cf-polished: origSize=595
etag: W/"253-18c58a7e398"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928034d73-FRA

GET
H2 200 chunk-H35OKAUP.js Show response
www.darkreading.com/build/_shared/ 2 KB
826 B 66ms
60ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-H35OKAUP.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885200f33f72cda8f4a18b0efbd4306cc865bf020fb6311fc94b7a474829279a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=1806
etag: W/"70e-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928044d73-FRA

GET
H2 200 chunk-4ID7VBPX.js Show response
www.darkreading.com/build/_shared/ 2 KB
1 KB 84ms
78ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-4ID7VBPX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

687ab36c53d9c5bbede5a39f57873fe5a277d6ea526c70f5e2607cd619c13749

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579134
cf-polished: origSize=2247
etag: W/"8c7-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928054d73-FRA

GET
H2 200 chunk-6A2GLJQM.js Show response
www.darkreading.com/build/_shared/ 99 B
161 B 75ms
69ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-6A2GLJQM.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7933601
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928064d73-FRA

GET
H2 200 chunk-XEDRC4UX.js Show response
www.darkreading.com/build/_shared/ 225 KB
75 KB 112ms
107ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-XEDRC4UX.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c73e358befe44619ce53bd7a423a0cce31449079ee76764a4ab8ff890bc5f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=230749
etag: W/"3855d-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928074d73-FRA

GET
H2 200 chunk-3TO4GFWS.js Show response
www.darkreading.com/build/_shared/ 3 KB
1 KB 72ms
66ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3TO4GFWS.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e25d417687518354eac7e2aa73711b88eeb05436d6f037ccdae62be54445dc4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=3232
etag: W/"ca0-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b928084d73-FRA

GET
H2 200 chunk-YB2PZH4U.js Show response
www.darkreading.com/build/_shared/ 99 B
204 B 101ms
95ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-YB2PZH4U.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012180
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9380b4d73-FRA

GET
H2 200 chunk-GY4YSMUY.js Show response
www.darkreading.com/build/_shared/ 99 B
199 B 68ms
63ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-GY4YSMUY.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 7944464
cf-polished: origSize=100
etag: W/"64-18bfba43688"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9380c4d73-FRA

GET
H2 200 chunk-7ABGLIHU.js Show response
www.darkreading.com/build/_shared/ 99 B
180 B 90ms
85ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-7ABGLIHU.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Thu, 25 Jan 2024 11:38:34 GMT
server: cloudflare
age: 2987350
cf-polished: origSize=100
etag: W/"64-18d406a2290"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9380d4d73-FRA

GET
H2 200 chunk-HV2EFLSR.js Show response
www.darkreading.com/build/_shared/ 2 KB
994 B 92ms
88ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-HV2EFLSR.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b66dc2caf2d59f33ea6903da3157fc23e4ede24d3dcb34cd5f5d86ddcd54d40d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=2484
etag: W/"9b4-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9380e4d73-FRA

GET
H2 200 chunk-FHB2WX4S.js Show response
www.darkreading.com/build/_shared/ 430 KB
61 KB 103ms
98ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-FHB2WX4S.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4630ec46396be8e67434a3198086f6b6d454836cf6e04d5ec60fa96f205b478

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=440765
etag: W/"6b9bd-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9380f4d73-FRA

GET
H2 200 chunk-PDDBDQZK.js Show response
www.darkreading.com/build/_shared/ 1 KB
770 B 73ms
69ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-PDDBDQZK.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e53654181ec330a977e2ae08bc92f7fedf0940e47f0e13c1874c5dd14a51fa28

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=1296
etag: W/"510-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938104d73-FRA

GET
H2 200 chunk-DUM6KF5R.js Show response
www.darkreading.com/build/_shared/ 1000 B
565 B 117ms
112ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-DUM6KF5R.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1abd444f5c85751a19a9e2f75b270a06963412e9e5bfa336976189540bfbe35

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
cf-polished: origSize=1001
etag: W/"3e9-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938114d73-FRA

GET
H2 200 chunk-3MS3TJ6I.js Show response
www.darkreading.com/build/_shared/ 99 B
180 B 109ms
106ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-3MS3TJ6I.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 281655
cf-polished: origSize=100
etag: W/"64-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938124d73-FRA

GET
H2 200 chunk-QWBASLRD.js Show response
www.darkreading.com/build/_shared/ 1 KB
643 B 81ms
77ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/_shared/chunk-QWBASLRD.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981ba30ca7f009ffd04d7f1f9fe473565b6e351a6c08600abf02aec627de015b

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579132
cf-polished: origSize=1062
etag: W/"426-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938134d73-FRA

GET
H2 200 $topic.$slug-CX6HQV25.js Show response
www.darkreading.com/build/routes/ 181 KB
57 KB 105ms
102ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/routes/$topic.$slug-CX6HQV25.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3fa5a8d8426eb2ab1558cab127cf9b104c178882e5afa09b6f456ac7bec77c5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579132
cf-polished: origSize=185770
etag: W/"2d5aa-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938144d73-FRA

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 56ms
39ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 85cd64b93dee18c3-FRA

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 66 B
303 B 54ms
35ms XHR
application/json 2606:4700:4400::ac40:9b77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 85cd64b939ee924a-FRA
access-control-allow-headers: Content-Type

GET
H2 200 Bars-F4G2A5NO.svg
www.darkreading.com/build/_assets/ 554 B
328 B 79ms
79ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Bars-F4G2A5NO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"22a-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938154d73-FRA

GET
H2 200 Search-T2ANYVG5.svg
www.darkreading.com/build/_assets/ 493 B
368 B 87ms
87ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Search-T2ANYVG5.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"1ed-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938164d73-FRA

GET
H2 200 ChevronDown-PF4EH6J6.svg
www.darkreading.com/build/_assets/ 449 B
352 B 96ms
96ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronDown-PF4EH6J6.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"1c1-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938174d73-FRA

GET
H2 200 Clock-MSX4SBCD.svg
www.darkreading.com/build/_assets/ 471 B
384 B 94ms
94ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Clock-MSX4SBCD.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"1d7-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938184d73-FRA

GET
H2 200 Linkedin-VQUF3EEQ.svg
www.darkreading.com/build/_assets/ 400 B
344 B 74ms
74ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Linkedin-VQUF3EEQ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"190-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938194d73-FRA

GET
H2 200 Facebook-CJB5G2HY.svg
www.darkreading.com/build/_assets/ 272 B
311 B 73ms
71ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Facebook-CJB5G2HY.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 7757521
etag: W/"110-18c20679af0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9381a4d73-FRA

GET
H2 200 Twitter-WD5AOEQ7.svg
www.darkreading.com/build/_assets/ 404 B
350 B 83ms
81ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Twitter-WD5AOEQ7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579036
etag: W/"194-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9381b4d73-FRA

GET
H2 200 Email-47H7P533.svg
www.darkreading.com/build/_assets/ 777 B
539 B 76ms
74ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Email-47H7P533.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"309-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9381c4d73-FRA

GET
H2 200 Reddit-5TRN6TDE.svg
www.darkreading.com/build/_assets/ 1 KB
729 B 78ms
77ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Reddit-5TRN6TDE.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"471-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9381e4d73-FRA

GET
H2 200 Printer-U5RDBVFZ.svg
www.darkreading.com/build/_assets/ 741 B
526 B 83ms
82ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Printer-U5RDBVFZ.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"2e5-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938204d73-FRA

GET
H2 200 ChalkBoard-7VYJPH3F.svg
www.darkreading.com/build/_assets/ 752 B
486 B 89ms
89ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChalkBoard-7VYJPH3F.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Nov 2023 13:25:10 GMT
server: cloudflare
age: 7768355
etag: W/"2f0-18c20679af0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938214d73-FRA

GET
H2 200 ChevronRight-W5LPP5NG.svg
www.darkreading.com/build/_assets/ 305 B
312 B 98ms
97ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/ChevronRight-W5LPP5NG.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8009829
etag: W/"131-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938224d73-FRA

GET
H2 200 Date-KJRS72FO.svg
www.darkreading.com/build/_assets/ 1 KB
489 B 77ms
77ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Date-KJRS72FO.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012179
etag: W/"54d-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938234d73-FRA

GET
H2 200 Document-NG4YMZFA.svg
www.darkreading.com/build/_assets/ 801 B
456 B 78ms
78ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Document-NG4YMZFA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 23 Nov 2023 10:05:25 GMT
server: cloudflare
age: 8012165
etag: W/"321-18bfba43688"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938244d73-FRA

GET
H2 200 Youtube-S4PSC4UA.svg
www.darkreading.com/build/_assets/ 570 B
397 B 75ms
75ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/Youtube-S4PSC4UA.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 577973
etag: W/"23a-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938254d73-FRA

GET
H2 200 RSS-3XFHIVCK.svg
www.darkreading.com/build/_assets/ 632 B
439 B 73ms
73ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/RSS-3XFHIVCK.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 578736
etag: W/"278-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938264d73-FRA

GET
H2 200 GoogleNews-6O72APW7.svg
www.darkreading.com/build/_assets/ 897 B
554 B 86ms
86ms Image
image/svg+xml 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.darkreading.com/build/_assets/GoogleNews-6O72APW7.svg

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 577973
etag: W/"381-18dc174dd30"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b938274d73-FRA

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 64ms
0ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:51:09 GMT
x-content-type-options: nosniff
age: 148993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 26 Feb 2025 08:51:09 GMT

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 25ms
0ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 3809402
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-eddf8230072-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1709172863.936435,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4795, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 126 B
406 B 27ms
0ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 2250850
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=126 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 126
x-request-id: 86403647692af6a86ca615f9f1dfadd4
x-served-by: cache-ams12769-AMS, cache-fra-eddf8230072-FRA
x-runtime: 98ms
server: contentstack
x-timer: S1709172863.937032,VS0,VE4
x-contentstack-organization: blt5948195ac13977b0
etag: "tNrp/qpYdUqWfJ34ReXQmSxVICx4Nkfiuw2bUIruFd8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 906 B
1 KB 28ms
0ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=400&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img06-europe-west2
age: 2250850
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=906 odim=400x419 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 906
x-request-id: 75ca84e6df6b95c79966d873c0fd36d3
x-served-by: cache-ams12769-AMS, cache-fra-eddf8230072-FRA
x-runtime: 109ms
server: contentstack
x-timer: S1709172863.937014,VS0,VE6
x-contentstack-organization: blt5948195ac13977b0
etag: "mSV8bR8qcRiajnJZ9er0odx7U2hZRqOhc+2tz0Px2X8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 1

GET
H2 200 UHAUL_LHImages_alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt90818ea7afd02ada/65de57dc83aa0d040ac8435b/ 2 KB
2 KB 20ms
0ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt90818ea7afd02ada/65de57dc83aa0d040ac8435b/UHAUL_LHImages_alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

08e80b071eebc4d49557e0a60ed2da7df37d69d32578c4b8944b3bb336729fa8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img07-europe-west2
age: 102561
x-cache: HIT, HIT
fastly-io-info: ifsz=319740 idim=1200x800 ifmt=jpeg ofsz=1838 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=UHAUL_LHImages_alamy.webp
fastly-stats: io=1
content-length: 1838
x-request-id: ab8a45fc01810bddb8b70fba3c44e66b
x-served-by: cache-ams21057-AMS, cache-fra-eddf8230072-FRA
x-runtime: 54ms
server: contentstack
x-timer: S1709172863.937007,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "hT/6H/1GXF7OthFjj+RFaBt7IT8H0fjerpReaAsvBzc"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 24, 1

GET
H2 200 NIST_Borka_Kiss_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt798a92c8e406a0e1/65dcdd270f7fab040aa0e8b7/ 1 KB
2 KB 21ms
0ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt798a92c8e406a0e1/65dcdd270f7fab040aa0e8b7/NIST_Borka_Kiss_Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

494f4d3d22248a07094bca724486db0a83907141c5b3a887c60ec4b35c5d4dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img10-europe-west2
age: 199511
x-cache: HIT, HIT
fastly-io-info: ifsz=971744 idim=5333x3100 ifmt=jpeg ofsz=1108 odim=700x407 ofmt=webp
filename1: custom
content-disposition: inline; filename=NIST_Borka_Kiss_Alamy.webp
fastly-stats: io=1
content-length: 1108
x-request-id: 206306bf4568fbc6d892d885f77ec199
x-served-by: cache-ams21054-AMS, cache-fra-eddf8230072-FRA
x-runtime: 51ms
server: contentstack
x-timer: S1709172863.937540,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "aMB8DMr6xmt8Jkk4jnA+sBr7R170uOL87ozoLImDweE"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 7, 1

GET
H2 200 china_Rokas_Tenys_shuttertock.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltf6cafe33fc793318/65c657c5676af4040a246628/ 2 KB
2 KB 19ms
0ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltf6cafe33fc793318/65c657c5676af4040a246628/china_Rokas_Tenys_shuttertock.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

7115adc7ad7236bb3fc2fd6bcf3af81bb0da82a6931e853f1753b39f256f8576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:22 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 549791
x-cache: HIT, HIT
fastly-io-info: ifsz=11509729 idim=6000x4000 ifmt=jpeg ofsz=1938 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=china_Rokas_Tenys_shuttertock.webp
fastly-stats: io=1
content-length: 1938
x-request-id: 15ba971137f0a40a474d5cf166115307
x-served-by: cache-ams12770-AMS, cache-fra-eddf8230072-FRA
x-runtime: 142ms
server: contentstack
x-timer: S1709172863.936987,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "+WteZq8lYk0dU9ARyP0Wavc+hveamGBjfmOkc8YYmaA"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 12, 1

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/ 428 KB
135 KB 23ms
0ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 00:13:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7280
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137662
x-xss-protection: 0
server: cafe
etag: 2919427224111863329
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 28 Feb 2025 00:13:02 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.39.0/ 372 KB
89 KB 24ms
14ms Script
application/javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/otBannerSdk.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Zp/CcrZmK7hQ2S6c/t9Tpw==
age: 77107
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 90454
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:04 GMT
server: cloudflare
etag: 0x8DA87805EB35DE2
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7531ee9b-301e-0079-330a-15c5a7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64b99b388c49-FRA

GET
H2 200 manifest-11E6791A.js Show response
www.darkreading.com/build/ 34 KB
3 KB 27ms
13ms Script
application/javascript 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/build/manifest-11E6791A.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d6bcef001c13b903f6de6e2548a6269d4839314776fff9405d8bfe7dee9963d

Security Headers

Name	Value
Strict-Transport-Security	max-age=3153600000

Request headers

Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=3153600000
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Mon, 19 Feb 2024 13:01:18 GMT
server: cloudflare
age: 579133
etag: W/"8764-18dc174dd30"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
cf-ray: 85cd64b9b85e4d73-FRA

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/ 81 KB
18 KB 34ms
34ms Fetch
application/x-javascript 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/4b083961-e2ac-4755-8801-f7c83a5fb187/657fbdf5-ad27-4981-b321-b96d0ec59709/en.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 53363
content-md5: NMyqdpBtpYEfMyyUOi/oVQ==
content-length: 18270
x-ms-lease-status: unlocked
last-modified: Mon, 19 Dec 2022 13:32:33 GMT
server: cloudflare
etag: 0x8DAE1C57C3EAB90
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 361060ce-b01e-003a-5c53-1423fb000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64ba2c6c5d4a-FRA
expires: Fri, 01 Mar 2024 02:14:23 GMT

GET
H2 200 nr-spa-1.252.0.min.js Show response
js-agent.newrelic.com/ 88 KB
29 KB 26ms
6ms Script
application/javascript 2a04:4e42::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-spa-1.252.0.min.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::649 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: 1zTB_zIu9GsCJr9CnWa8NksGpEL6v25e
content-encoding: br
via: 1.1 varnish
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=300
x-amz-request-id: 5E1XWXKWZT4Q47QR
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 29571
x-amz-id-2: at7mrRrouoz2tfKGc3hqMZhGq8gY1P70lzKNHde27BcoCqTHmRfqri3jElW+kATmHT7njH28HwU=
x-served-by: cache-fra-etou8220037-FRA
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
etag: "1b4209d0ae18545976f7eb2c5f94d6b0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 912421

HEAD
H2

200

/
marketingplatform.google.com/about/enterprise/
Redirect Chain

https://www3.doubleclick.net/
https://marketingplatform.google.com/about/enterprise/

0
0

35ms
15ms

Fetch
text/html

2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketingplatform.google.com/about/enterprise/
Protocol: H2
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Redirect headers

date: Thu, 29 Feb 2024 02:03:03 GMT
x-content-type-options: nosniff
server: sffe
age: 680
content-type: text/html; charset=UTF-8
location: https://marketingplatform.google.com/about/enterprise/
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0
expires: Thu, 29 Feb 2024 02:33:03 GMT

GET
H2 200 iris-recommend.js Show response
static.iris.informa.com/widgets/v3/ 1 MB
299 KB 52ms
14ms Script
application/javascript 108.138.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3/iris-recommend.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-70.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3e41b4b05bdcccb0da8ec37f77e2ef63db46cc8184ce8acaef48b85861608eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 14:55:22 GMT
x-amz-version-id: j8bQ93C7lUpWfrqmx6VEgWnbfkwGWoCv
content-encoding: br
last-modified: Fri, 16 Feb 2024 11:41:03 GMT
server: AmazonS3
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
etag: W/"c414394730fe9af12c6e2c6c7085c352"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 40742
x-amz-cf-id: h3B83uiYRHSNxuAZm8JnAgA5DNnddWFtCO6SaSWfaEDipOJSc6u0hw==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 270 KB
91 KB 24ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

158ef3ffbaff87a536860183add91e01bf0bad4c3845a469204a47406ecc7c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93009
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 29 Feb 2024 02:14:23 GMT

GET
H2 200 iris-t.js Show response
static.iris.informa.com/widgets/v3.0/ 14 KB
5 KB 43ms
15ms Script
application/javascript 108.138.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/v3.0/iris-t.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-70.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 14:55:18 GMT
x-amz-version-id: JCj5oZWwFy6f5XDT3S5o29v61M74KIOI
content-encoding: br
last-modified: Wed, 13 Dec 2023 10:06:07 GMT
server: AmazonS3
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
etag: W/"70f51402b25ef5848b8c59b06c3efb78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
age: 40746
x-amz-cf-id: xQqVou-gQBWHMns9MEdCz4dehCf7UHkpH0syD2pMCqoS6DEHoFb25g==

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 38 KB
15 KB 59ms
12ms Script
application/x-javascript 2600:9000:237d:b600:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:b600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:29:38 GMT
content-encoding: gzip
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
last-modified: Thu, 21 Dec 2023 01:03:21 GMT
server: nginx
x-amz-cf-pop: MUC50-P2
age: 67485
etag: W/"65838ed9-9630"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 2rhBXzonYPSb4CgEbYaL1qMBFhsBF4M_2EjWT28Fyc1XxxSoCqkfDA==
expires: Thu, 29 Feb 2024 07:29:38 GMT

GET
H2 200 / Show response
6600d6d98e534115970f9529a45f3195.js.ubembed.com/ 478 B
734 B 68ms
21ms Script
application/javascript 2606:4700:4400::6812:27b5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6600d6d98e534115970f9529a45f3195.js.ubembed.com/
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:27b5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
cf-cache-status: HIT
server: cloudflare
age: 3392
etag: W/"aaab40e12ca91eabbcb0f8f10bd5715a-v0.180.1"
vary: Accept-Encoding, Referer
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
cf-ray: 85cd64bb39323a9e-FRA

GET
H2 200 hotjar-2610568.js Show response
static.hotjar.com/c/ 13 KB
6 KB 48ms
21ms Script
application/javascript 18.66.192.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-2610568.js?sv=6

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-117.muc50.r.cloudfront.net

Software

Resource Hash

ad5cc6ff21dcea74d8993cc061a6537b9645231fb85b173a27945ebea1e302d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 48
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/04621006e9ff77b6e4b79beb2f7325ce
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=60
x-cache-hit: 1
x-amz-cf-id: HgopEfOEHcIS5WqoNpg8uU6pZpL2Dxyr6RpDnpgYZNc7yOdmTiZZAw==

POST
H2 204 rum Show response
www.darkreading.com/cdn-cgi/ 0
185 B 11ms
10ms XHR
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.darkreading.com/cdn-cgi/rum?

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: Vw8EV1VXABAFVVVSAggEVlE=
tracestate: 3288925@nr=0-1-3936348-538480682-b609f929306044c5----1709172863204
traceparent: 00-04f594ee533606b7d547353360b20376-b609f929306044c5-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjM5MzYzNDgiLCJhcCI6IjUzODQ4MDY4MiIsImlkIjoiYjYwOWY5MjkzMDYwNDRjNSIsInRyIjoiMDRmNTk0ZWU1MzM2MDZiN2Q1NDczNTMzNjBiMjAzNzYiLCJ0aSI6MTcwOTE3Mjg2MzIwNCwidGsiOiIzMjg4OTI1In19
content-type: application/json
Referer: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.darkreading.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 85cd64bb08b74d73-FRA

GET
H2 200 otFloatingRoundedIcon.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 16 KB
4 KB 20ms
19ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otFloatingRoundedIcon.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Mbb70m5YOd2/+METBtRttw==
age: 36236
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 3803
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:56 GMT
server: cloudflare
etag: 0x8DA87805A12E7D8
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cc8087dd-c01e-00e1-07e1-5a3f93000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64bb1cab5d4a-FRA

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/ 64 KB
13 KB 18ms
18ms Fetch
application/json 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/v2/otPcPanel.json

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Kw22gRKC0ogRtsT2RwAR9Q==
age: 2972
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 13290
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:30:57 GMT
server: cloudflare
etag: 0x8DA87805AF0078C
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2f2e397c-701e-0068-1a77-145f13000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64bb1cac5d4a-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.39.0/assets/ 22 KB
5 KB 17ms
17ms Fetch
text/css 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.39.0/assets/otCommonStyles.css

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: B55i3ZY9miZIaUrwjufy0w==
age: 18730
x-ms-lease-status: unlocked
last-modified: Fri, 26 Aug 2022 16:31:09 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 55d7051a-201e-0017-22ff-219088000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85cd64bb1cae5d4a-FRA

GET
H2 200 mushroom_cloud_nuclear-SunFlowerStudio-Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc59c593bedf0d0cc/65d8ad14d7e7df040ab9c8e2/ 2 KB
3 KB 8ms
8ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltc59c593bedf0d0cc/65d8ad14d7e7df040ab9c8e2/mushroom_cloud_nuclear-SunFlowerStudio-Alamy.jpg?width=700&auto=webp&quality=10&disable=upscale&blur=40

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

173f5f7ac4a5ea699ae7222623eb58deacd1f5ba6dcab888b9d43abc766e5079

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img04-europe-west2
age: 473962
x-cache: HIT, HIT
fastly-io-info: ifsz=3685046 idim=8447x6604 ifmt=jpeg ofsz=2144 odim=700x547 ofmt=webp
filename1: custom
content-disposition: inline; filename=mushroom_cloud_nuclear-SunFlowerStudio-Alamy.webp
fastly-stats: io=1
content-length: 2144
x-request-id: ea73d111db2cc936403ecb019a7bf311
x-served-by: cache-ams21026-AMS, cache-fra-eddf8230072-FRA
x-runtime: 66ms
server: contentstack
x-timer: S1709172863.216060,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "WJFzi5k6L96Ugh3DQ66vTTEZaHJPWYdq/aUQssz8Z5M"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 28, 1

GET
H2 200 Logo_-_Dark_Reading.svg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/ 3 KB
2 KB 9ms
7ms Image
image/svg+xml 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blte9ead971f13c662e/65437029846d7c040a6e588d/Logo_-_Dark_Reading.svg?width=476&auto=webp&quality=80&disable=upscale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
fastly-io-error: not a supported image format
strict-transport-security: max-age=31557600
content-encoding: gzip
fastly-io-served-by: img06-europe-west2
age: 3809402
x-cache: HIT, HIT
filename1: custom
content-disposition: inline; filename=Logo_-_Dark_Reading.svg+xml
fastly-stats: io=1
content-length: 1435
x-request-id: d072c12c3aaefff5965b1c240efd969f
x-served-by: cache-ams12722-AMS, cache-fra-eddf8230072-FRA
x-runtime: 55ms
server: contentstack
x-timer: S1709172863.219753,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
vary: Accept
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 4431, 1

GET
H2 200 UHAUL_LHImages_alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt90818ea7afd02ada/65de57dc83aa0d040ac8435b/ 67 KB
68 KB 10ms
9ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt90818ea7afd02ada/65de57dc83aa0d040ac8435b/UHAUL_LHImages_alamy.jpg?width=700&auto=webp&quality=80&disable=upscale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

43c2a61b8866d16d591eb248ba619d12148cf81667bc293be6a39de84110552d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img07-europe-west2
age: 102562
x-cache: HIT, HIT
fastly-io-info: ifsz=319740 idim=1200x800 ifmt=jpeg ofsz=69116 odim=700x467 ofmt=webp
filename1: custom
content-disposition: inline; filename=UHAUL_LHImages_alamy.webp
fastly-stats: io=1
content-length: 69116
x-request-id: ab8a45fc01810bddb8b70fba3c44e66b
x-served-by: cache-ams21057-AMS, cache-fra-eddf8230072-FRA
x-runtime: 54ms
server: contentstack
x-timer: S1709172863.219942,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "RS0n4BJ9phZYlpEOCCUjj3slwnDiR3FggCqmYJm2krQ"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 20, 1

GET
H2 200 NIST_Borka_Kiss_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt798a92c8e406a0e1/65dcdd270f7fab040aa0e8b7/ 37 KB
38 KB 18ms
16ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt798a92c8e406a0e1/65dcdd270f7fab040aa0e8b7/NIST_Borka_Kiss_Alamy.jpg?width=700&auto=webp&quality=80&disable=upscale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

cb2b4f80472d063991ccdeff84713f13faa6e6e380318f37ab9959df29256bf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img10-europe-west2
age: 199511
x-cache: HIT, HIT
fastly-io-info: ifsz=971744 idim=5333x3100 ifmt=jpeg ofsz=37902 odim=700x407 ofmt=webp
filename1: custom
content-disposition: inline; filename=NIST_Borka_Kiss_Alamy.webp
fastly-stats: io=1
content-length: 37902
x-request-id: 206306bf4568fbc6d892d885f77ec199
x-served-by: cache-ams21054-AMS, cache-fra-eddf8230072-FRA
x-runtime: 51ms
server: contentstack
x-timer: S1709172863.219923,VS0,VE2
x-contentstack-organization: blt5948195ac13977b0
etag: "CFVTbSA3z0139Y2AJefQu8RN5niHNkZpGqKqBprsfjM"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 6, 1

GET
H2 200 Nate-Nelson_(1).jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/ 3 KB
4 KB 9ms
8ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt00df7fa701809c8c/64f15c901c6887515143a4d1/Nate-Nelson_(1).jpg?width=100&auto=webp&quality=80&disable=upscale

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img02-europe-west2
age: 896679
x-cache: HIT, HIT
fastly-io-info: ifsz=234689 idim=881x923 ifmt=jpeg ofsz=3376 odim=100x105 ofmt=webp
filename1: custom
content-disposition: inline; filename=Nate-Nelson_(1).webp
fastly-stats: io=1
content-length: 3376
x-request-id: b59871c387f23bdedc07c4127ab539dd
x-served-by: cache-ams12769-AMS, cache-fra-eddf8230072-FRA
x-runtime: 123ms
server: contentstack
x-timer: S1709172863.220082,VS0,VE1
x-contentstack-organization: blt5948195ac13977b0
etag: "qPc4Ej0Icam3tgfIlB+gqtt4GyFe8VrlHnMKfkTmDM4"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 13, 1

GET
H2 200 Moneylaundering_ronstik_Alamy.jpg
eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt9118494239f7b189/64f159fd96efc91dee2f8eb7/ 128 KB
128 KB 29ms
28ms Image
image/webp 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

contentstack /

Resource Hash

db548d5bee139736292e468cb807f09f3bdf053b48e1bfcda0a7495cbcd75c1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=31557600
fastly-io-served-by: img09-europe-west2
age: 1732014
x-cache: HIT, HIT
fastly-io-info: ifsz=154386 idim=1200x800 ifmt=jpeg ofsz=130940 odim=850x567 ofmt=webp
filename1: custom
content-disposition: inline; filename=Moneylaundering_ronstik_Alamy.webp
fastly-stats: io=1
content-length: 130940
x-request-id: 0c3e13964d5173dac6158fec239bb177
x-served-by: cache-ams21021-AMS, cache-fra-eddf8230072-FRA
x-runtime: 96ms
server: contentstack
x-timer: S1709172863.220071,VS0,VE22
x-contentstack-organization: blt5948195ac13977b0
etag: "yum30VRJQz8fiMDsE7eAYwyhEvN5z89vcbzBO55/B+k"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: content-disposition, content-type, cache-control, status, content-length
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 21, 1

POST
H/1.1 200 NRJS-26ae6a3b09493bbcc87 Show response
bam.eu01.nr-data.net/1/ 40 B
462 B 65ms
20ms XHR
text/plain 185.221.87.23
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-26ae6a3b09493bbcc87?a=514059305&v=1.252.0&to=MhBSZQoZWEEDU0ZaXgtadUkIClNBEVpBHHYgIR8eUg%3D%3D&rst=1825&ck=0&s=084d16b752be7033&ref=https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering&hr=0&tt=38225d378c78b2b7&af=err,xhr,stn,ins,spa&ap=173.337938&be=1368&fe=370&dc=213&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1709172861400,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:7,%22ce%22:16,%22rq%22:16,%22rp%22:1368,%22rpe%22:1466,%22di%22:1579,%22ds%22:1581,%22de%22:1581,%22dc%22:1737,%22l%22:1737,%22le%22:1738%7D,%22navigation%22:%7B%7D%7D&fp=1479
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5ca742541d65d718402499ed1d84d003258ce2116562169b85744cf7d798485a

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
server: istio-envoy
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230102-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
257 B 58ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-1X1EHQ3PFR&gtm=45je42q1v873922772z8891172384za200&_p=1709172862875&_gaz=1&gcd=13l3l3l2l3&npa=1&dma_cps=sypham&dma=1&cid=1908084774.1709172863&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&dr=&dt=Meet%20%27XHelper%2C%27%20the%20All-in-One%20Android%20App%20for%20Global%20Money%20Laundering&dl=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&sid=1709172863&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.content_type=article&ep.content_format=News&ep.content_publish_date=Feb%2029%2C%202024&ep.content_sub_brand=value%20not%20set&ep.content_buyer_journey=value%20not%20set&ep.content_id=bltcdcd4c566d16ef7e&ep.content_title=Meet%20%27XHelper%2C%27%20the%20All-in-One%20Android%20App%20for%20Global%20Money%20Laundering&ep.content_legacy_path=value%20not%20set&ep.content_contributor=Nate%20Nelson&ep.content_keyword=value%20not%20set&ep.content_series=value%20not%20set&ep.content_sponsor=value%20not%20set&ep.content_main_topic=Threat%20Intelligence&ep.content_additional_topics=Cybersecurity%20Operations&ep.gtm_container_detail=GTM-5523ZCM%7C103&ep.ad_unit_path_code=3834%2Fdarkreading.home%2Farticle%2Fthreat-intelligence&ep.content_program=value%20not%20set&ep.content_group=Threat%20Intelligence&ep.content_all_topics=cybersecurity%20operations%7Cthreat%20intelligence&tfd=1854
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 73ms
25ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1X1EHQ3PFR&cid=1908084774.1709172863&gtm=45je42q1v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1X1EHQ3PFR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 02:14:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 37ms
17ms Image
image/gif 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1X1EHQ3PFR&cid=1908084774.1709172863&gtm=45je42q1v873922772z8891172384za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l3&npa=1&z=1497571324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 817 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Informa_Logo_1Line_Indigo_Grad_RGB.jpg
cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/ 145 KB
145 KB 16ms
16ms Image
image/jpeg 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/c1f53e84-9f05-4169-a854-85052b63c50b/ce37e4cd-9426-40d2-9adb-174d6acdf507/b0d971e9-0178-47c1-aace-784223d87041/Informa_Logo_1Line_Indigo_Grad_RGB.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8NigNwrkdBmjWsQuvIR/Tg==
age: 62512
content-length: 148084
x-ms-lease-status: unlocked
cf-bgj: h2pri
last-modified: Fri, 26 Nov 2021 15:49:29 GMT
server: cloudflare
etag: 0x8D9B0F4552FB1EF
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-ms-request-id: 286fded7-101e-008a-2bbf-216232000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 85cd64bbbc468c49-FRA

GET
H2 200 powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 5 KB
2 KB 14ms
14ms Image
image/svg+xml 2606:4700::6812:82ec
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/powered_by_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:82ec , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: Y+c301RBZNK39PvKQWrIBw==
age: 77147
x-ms-lease-status: unlocked
last-modified: Tue, 27 Feb 2024 03:06:33 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: 360756de-601e-0039-6c30-69c29f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 85cd64bbbc478c49-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 971 B
529 B 63ms
63ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863365&lmt=1709168391&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1600x5847&msz=1600x0&fws=0&ohw=0&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dwelcome_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2266329518&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfe85fc28aeffcff330272c09dc848768dd475cde13557cbb05f89c949205ca4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 499
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
369 B 58ms
57ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863369&lmt=1709168391&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1600x5847&msz=1600x0&fws=0&ohw=0&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dbigsky_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2064109412&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a9b67a0e017f357f50cfde85c25b19337d31f64c42dca8f5e5bc51717f71e6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
255 B 49ms
49ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=3&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863371&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_1v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3163609784&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ba2a77e8e0f22d7d7056f3212a62ae5b8ea692c8f71a196e5bffd51adf5e89c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
255 B 43ms
43ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=4&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863372&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_2v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=801778401&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f8cfae7be96aa10d0025b82a624ec7a098ad4ea0ef199df96456b3852e723d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
256 B 47ms
47ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=5&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863373&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_3v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2688451131&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cc994041fe3887705c29e88b9ef56469746b511cc553d3a71e5bc009a1101cbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 227
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
369 B 71ms
71ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=6&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863374&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_4v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1989837660&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

403bd4ff618ce662e06268c6f5223b2b281e053075e118464c54089e247d0f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
375 B 59ms
59ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=7&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863375&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_5v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1016483486&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4ed80b146a8d13c943de20ded2c469e90eedf4f3ed358823fd6d66d158264f83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
370 B 68ms
67ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=8&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863376&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_6v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2718966454&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bee6678ef8e60bd87cc364c870c0c5820a584d6068330cf7f25d418a61940fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 340
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
369 B 79ms
78ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=9&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863377&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_7v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=244923787&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48a51303165c76c1758a2ae08f186ac7e34ce07e844a9d7b8138123249abf587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 339
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
257 B 54ms
54ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=100x40&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863378&lmt=1709168391&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D100_8v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2004568867&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535eb451323412aa6e816e75127e5977cfaf2a0f997a7cecb858abae529605d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 80ms
80ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=11&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1709172863379&lmt=1709168391&adxs=800&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1036x5180&msz=1036x0&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dwallpaper_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3568718387&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89503620f97d81e90b18ddaac9363e04c109891acc96b715020a9686f8c3ce51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13955
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138455781038
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 543 B
255 B 50ms
50ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=12&sfv=1-0-40&ists=1&sc=1&cookie_enabled=1&abxe=1&dt=1709172863380&lmt=1709168391&adxs=800&adys=300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1036x5180&msz=1036x1&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Doop_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=4281914279&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a558022abfa4a48519253a4f865bff33d0e2da300baf8c1ac7ec9e0a1e2dab37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 787 B
375 B 64ms
64ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=13&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863381&lmt=1709168391&adxs=800&adys=301&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1036x5180&msz=1036x1&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dfloor_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=1131225635&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7dddadec953c70fd089e33214903e69068eb0a065ffce8a7c59e72a866cae97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 345
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 793 B
380 B 86ms
86ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=14&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863382&lmt=1709168391&adxs=800&adys=5429&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1036x5180&msz=1036x1&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dadhesion_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=3728273033&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0409e4394d90bda770edeb9ab6fe90902c7b7a3b7589c7c72f8b4739780457b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 350
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 64ms
22ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202402220101&st=env

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1d7c156b23da63337045479de33a72ce2f863c09d1c766e54fb9d1f051ea44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12406
x-xss-protection: 0

GET
H2 200 container.html Show response
2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF01 6 KB
3 KB 81ms
48ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 02:14:23 GMT
expires: Fri, 28 Feb 2025 02:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ZGFya3JlYWRpbmcuY29t.json Show response
static.iris.informa.com/widgets/config/cdl/ 24 B
492 B 185ms
159ms Fetch
binary/octet-stream 108.138.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/widgets/config/cdl/ZGFya3JlYWRpbmcuY29t.json
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-70.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: rR96SWqxdC6RFg.yCtn7XL4AuxoTa4oV
date: Thu, 29 Feb 2024 02:14:24 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-length: 24
last-modified: Tue, 28 Feb 2023 08:49:48 GMT
server: AmazonS3
etag: "d14dcd26bd0521dd67cdde302d3ac4a2"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: da2TGzVW_K9ZrXSqPrDxbpZCh15ru5cz2rB8O-kre4BCDTZ1Nt3zHg==

GET
H2 200 f23io39d.js Show response
static.iris.informa.com/ 70 KB
23 KB 12ms
12ms Script
application/javascript 108.138.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.iris.informa.com/f23io39d.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-70.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: r.70SgccGRmRk8cXfo6q55SZB1TmHyVy
content-encoding: gzip
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
date: Wed, 28 Feb 2024 03:11:20 GMT
last-modified: Thu, 02 Sep 2021 16:02:23 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 83334
x-amz-server-side-encryption: AES256
etag: W/"a790df23a63287b42b6e7324cb81afd9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: ah53QWDJyKIgUSn3l_yQgSWrfEWEcgHxT1QvsCK4a040sODJhmsZIA==

GET
H/1.1 200
OK td.min.js Show response
cdn.treasuredata.com/sdk/3.0/ 58 KB
19 KB 46ms
13ms Script
application/javascript 99.84.88.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.treasuredata.com/sdk/3.0/td.min.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.88.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-46.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Mon, 15 Jan 2024 08:40:28 GMT
Content-Encoding: gzip
Via: 1.1 47b2ce4c0cbd550c326fba9b552b2176.cloudfront.net (CloudFront)
Age: 3864836
X-Amz-Cf-Pop: MUC50-C1
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Mon, 05 Jul 2021 08:58:13 GMT
Server: AmazonS3
Etag: W/"4b9abb36767431f05495228eb82edf01"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: ie4GLUNSPPjH1OeyD_n2NfR24mfJu_Ldra433cMKlUrEKjmH4a-rRw==

GET
H2 200 modules.2d5957a634efdccdd61d.js Show response
script.hotjar.com/ 221 KB
55 KB 37ms
13ms Script
application/javascript 99.84.88.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2d5957a634efdccdd61d.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-2.muc50.r.cloudfront.net

Software

Resource Hash

aff8d54b4a7a713ccf37676fc168651d97874d6e2e07ca68b690d571e5acca70

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 14:35:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 fc6dca2df1221c0bec817610bc20e504.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 41957
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55583
last-modified: Wed, 28 Feb 2024 14:34:37 GMT
etag: "a619ceec9fdde41c9dfbc551f08ee100"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IQ_U5hNxVYXBMNdRtpOBhrk0d6I0WVYr89lDe2qz_FMmnjGji8G-6g==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 68 KB
25 KB 64ms
63ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x100%7C300x250%7C300x600&ifi=15&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863438&lmt=1709168391&adxs=1006&adys=645&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=f&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=324x4724&msz=324x100&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D300_1v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=2192439130&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

234ae9057590fb6d1ac47438d8b015f90d954a5fbf7112c90c97480caae5ab59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25778
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138459075120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 67 KB
25 KB 59ms
59ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=16&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863452&lmt=1709168391&adxs=436&adys=274&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=1036x5180&msz=1036x50&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3D728_1v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=206257688&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3d26de0446a94a4cbf66df1ad72333df883ea7334106a8267b9dfdbcc26e074

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25221
x-xss-protection: 0
google-lineitem-id: 6140096305
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138446632021
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
21 KB 116ms
116ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=5x5&ifi=17&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863462&lmt=1709168391&adxs=1154&adys=561&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=h&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=324x37&msz=324x5&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dresource_v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=630980475&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bb023ed70bcd499af50ee7299874a1e3d366975ece99d657677928f52718f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20987
x-xss-protection: 0
google-lineitem-id: 6433455104
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138459729310
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 282ms
92ms Image
image/gif 52.20.246.2
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=darkreading.com&p=%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&u=BpYs7bBkbRxLD90KLQ&d=darkreading.com&g=53678&g0=Threat%20Intelligence&g1=Nate%20Nelson&g4=article&n=1&f=00001&c=0&x=0&m=0&y=5848&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&b=1737&t=DCnUI9BZTIHXBm2lFw3wQ6MD6jSQc&V=143&i=Meet%20%27XHelper%2C%27%20the%20All-in-One%20Android%20App%20for%20Global%20Money%20Laundering&tz=-60&sn=1&sv=C75ZmIBpcgW7DQIUOUC9McUrC4W2Te&sr=external&sd=1&im=067b2fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.246.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-246-2.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:23 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.180.1/ 176 KB
48 KB 47ms
13ms Script
application/javascript 18.173.187.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.180.1/bundle.js
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-84.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 19 Sep 2023 19:08:38 GMT
content-encoding: gzip
via: 1.1 3a5ebe10b769db9444c2df2c2e8a76a8.cloudfront.net (CloudFront)
last-modified: Fri, 12 May 2023 18:18:30 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 14022345
etag: W/"feaa1c0619023f29d47853e5ffd5cec4"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
x-amz-cf-id: bIpXsqZm2EMFGTmk5HT89e4UUY4R0Jo9WVX3OUm8RggCjg9pAqieAg==

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 790 B
376 B 49ms
49ms XHR
text/plain 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1316361334206284&correlator=1660051379908764&eid=44809527%2C31080982%2C31081520%2C31080985&output=ldjh&gdfp_req=1&vrg=202402220101&ptt=17&impl=fif&npa=1&iu_parts=3834%2Cdarkreading.home%2Carticle%2Cthreat-intelligence&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50&fluid=height&ifi=18&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1709172863652&lmt=1709168391&adxs=1156&adys=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=i&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&vis=1&psz=324x1384&msz=324x0&fws=4&ohw=1600&ga_vid=1908084774.1709172863&ga_sid=1709172863&ga_hid=1466502741&ga_fc=true&dlt=1709172862770&idt=261&prev_scp=pos%3Dnative_vertical_1v%26ptype%3Darticle%26nid%3Dbltcdcd4c566d16ef7e%26aid%3D733079%26reg%3Danonymous&cust_params=gdpr_banner%3Don&adks=921769895&frm=20

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c81cd54a244982bbb738bedbca4b5087716910f7f46df0768f47ba1a3d42d815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 347
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 48ms
28ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 29 Feb 2024 02:14:23 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/ Frame D967 23 KB
9 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:42:03 GMT

GET
DATA 200
OK truncated
/ Frame D967 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 353323ab022bb805f587988bc40eaeb2fb95048ef013e88368ae786461325164

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 200 /
cognito-identity.eu-west-1.amazonaws.com/ Frame 0
0 96ms
29ms Preflight 2a05:d018:94a:8a02:b408:7d40:7264:595f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a02:b408:7d40:7264:595f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-amz-target
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-amz-target
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
access-control-max-age: 172800
content-length: 0
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-amzn-requestid: 4b5c879e-53e1-4d15-abab-44c0ee432e9c

POST
H2 200 / Show response
cognito-identity.eu-west-1.amazonaws.com/ 2 KB
2 KB 53ms
53ms XHR
application/x-amz-json-1.1 2a05:d018:94a:8a02:b408:7d40:7264:595f
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cognito-identity.eu-west-1.amazonaws.com/

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a05:d018:94a:8a02:b408:7d40:7264:595f Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7829ccb10b44d61166e225c7a6c7c5d377779975837a1917c481758443efb2bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.darkreading.com/
X-Amz-Target: AWSCognitoIdentityService.GetCredentialsForIdentity
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/x-amz-json-1.1

Response headers

access-control-allow-origin: *
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-expose-headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
x-amzn-requestid: e07ebc28-5768-418a-8dcd-9d10c74ed71f
content-length: 1792
content-type: application/x-amz-json-1.1

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95AB 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwY8xGpB3JN5GwSPlnluGQz4Cp2eC_FZ7PQZRDzFbUyZIAdMXSImCvtPVUx6Ie3hQMWY1gTy5-TrD7wS3xerqlE5VNBp-NdswVoG2uvQOqB5U6Ao6vpYpsgdrHTPU0JW9v1nngl1pwgvcCG0Prf0xb3ivytHckoGXwpyRN9bmrNoyD9W0pnf96etgNsCefpl4hfY2XpIgH7QoZpjwHpV7GCPs2_vutnxMU2-1CE9l0AFR9FE6-D6jF5spTmqAnI1Kaov02ez6AS5EVNmHqfLzepMJinru1xQ8p-71tAEnW6St0gw-JQlVeP3aODipAQMv1ZtK8A3Pym5sBYhB2G0QDvQkdv6qu-5ZP_t5tP6Jxm7bEp69EHAowAQth9-2vcxgm9L_4_cedtbh02leHWw&sai=AMfl-YQg8IWE1XtB3tVBqn-Ac0hfO-xtflLVv-QQKoGvvTJxCvrCul00Kn-dWm0gmSsIy7_E3R3L3CzqSjt-2hx8prUXAYbVVo2ahFd_Rx_t_tDQ3uxpP9RFgIGfN6uiLqchvMewOn82Iuk9HGO6x4e2bTQ&sig=Cg0ArKJSzLO7BuNJGzavEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/ Frame 95AB 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:42:03 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/client/ Frame 95AB 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:38:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 95AB 207 KB
63 KB 26ms
10ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 01:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64043
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 02:37:52 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 95AB 332 KB
113 KB 49ms
21ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Thu, 29 Feb 2024 02:14:23 GMT
last-modified: Wed, 28 Feb 2024 12:15:59 GMT
server: AmazonS3
x-amz-request-id: 5P44TPXHGGP8TJ4Y
etag: "53b6f6d8af1095409d7f5440ef3dd208"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16013
accept-ranges: bytes
content-length: 115646
x-amz-id-2: EJhDRwR+lDElBqtRMckslpPo/7qsiQkZr0PhFHQ1etyZP6fy2ygEnGLrZnKXzAyfdmuWXEaelE/Up6sQTMZpcgfzadk365cP7JYzRmE+ztk=

GET
H2 200 12178698542986515658
tpc.googlesyndication.com/simgad/ Frame 95AB 15 KB
15 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12178698542986515658

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f209ff0958e0acab57c85b5bf057710777c44c57acadb53f9d063c5f15614059

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Thu, 27 Feb 2025 16:12:24 GMT
date: Wed, 28 Feb 2024 16:12:24 GMT
x-content-type-options: nosniff
age: 36119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15379
x-xss-protection: 0
last-modified: Mon, 21 Aug 2023 16:41:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CBA 0
0 58ms
57ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvN6kfkkDk-IyQox0RWMNpttLfZdC8MzvUJpJwXnNm79MmR004OqHe6CPYT-_ycbfi9jMxrdxcfY3jm71ewl_zVEJSIBU3jyz0oP_C85jPapxN2yIh4mkY8M4d7Ss9G7aphE3iWvng966TJBAsqVRTvNk7mmmCrRPYl4WhfHhr2Y_NlEKmfuoDAa6ap3adqSMBqpj8Q4WlPUF9-rBsWMDCDAWooxYvhB1uQl7DbH1ZxsRMnToAb_il5GRA2e99FHmEDlRzYUiDa6SDGkwFGo4j9Ne3nSqmyAPA1h7ASwmNqEws9WCsZ764N9IYLAAoVVpP3Z9WVMhQ8OFNF5qy0NxbKf2P2Ga8C17F6K9F0JANt9kt2aOu9dkk4ekUGDWle3zhzaHI-g&sai=AMfl-YSAAFjlzOuTDdaQ0xBDj20lt7Qvv4YtwscpGC_av6fESjdMNDp36ZUDvangKyRWHhr6l9oTnZjB_Nf6G4hZ95W0ILglhX09A-rebZWxNcHqyGyAjPlROvHWp82t1w&sig=Cg0ArKJSzOu43BfUvv1_EAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/ Frame 8CBA 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:42:03 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/client/ Frame 8CBA 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34573
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:38:10 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 8CBA 207 KB
63 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 01:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64043
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 02:37:52 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame 8CBA 332 KB
113 KB 49ms
35ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Thu, 29 Feb 2024 02:14:23 GMT
last-modified: Wed, 28 Feb 2024 12:15:59 GMT
server: AmazonS3
x-amz-request-id: 5P44TPXHGGP8TJ4Y
etag: "53b6f6d8af1095409d7f5440ef3dd208"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16013
accept-ranges: bytes
content-length: 115646
x-amz-id-2: EJhDRwR+lDElBqtRMckslpPo/7qsiQkZr0PhFHQ1etyZP6fy2ygEnGLrZnKXzAyfdmuWXEaelE/Up6sQTMZpcgfzadk365cP7JYzRmE+ztk=

GET
H3 200 11615354544233020182
tpc.googlesyndication.com/simgad/ Frame 8CBA 13 KB
13 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11615354544233020182

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f274598e02172fc31cb7b3eae2a897a9432c3fe360a49268b0672f09d6e03755

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Wed, 26 Feb 2025 08:58:17 GMT
date: Tue, 27 Feb 2024 08:58:17 GMT
x-content-type-options: nosniff
age: 148566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13663
x-xss-protection: 0
last-modified: Tue, 12 Sep 2023 08:46:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8CBA 0
0 34ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_TC3M5pl4sXB5uI5bqJ-XolkUFzgHDgV32XcPwHMwK5jxZQ-ZvKG5-N5yVA4XPrE6XiRe
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8AF 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstZEXMKOdw_QiceXtcO8ipmxIIRAlhyqeF51o1dl2Agra2ighhpLPSUDXGd-bDSaU6U5OgA_BVbdjjYR3BRCZqPNZL6Xu8QoOdhgm8eFYgnRdQAHYnxxvg0a__MbHpw8jGH0oVUkzkaHCWRbx6K6Z9OEhmifSPP0xhW7v3j20CYSv2ejnRPa0hUV80n_jB3CKfnUSIP72ntXrVG9hJNc1yxrdZ7_hsN1vDD8t3vjHyozP4TqT_mRVUhCaRVqRZOj-5iglDf1bKduzEgxAMUxtBVK4QIlrMkrNvisTigNA1Z91Tm5AphKRmnR_jw3yxudmUt4UqsenzgpVnGjuGfFWya-zj3n5sVMrxSgkJcmpsyPOxBmGAD20yd_eUg3f6PsCcCroVlDWRsfmk&sai=AMfl-YQIbTKgCnC6mF5UGLPYB9vNoto4ryiNwqqPFYvHlljatxLHCJyl7OamWNQfUR-vZuGTZ97m3tZa7DNL_MljlN3ji5lthpxIe4R3QN9dnAHiaJp80s4V38cwc_rGgw&sig=Cg0ArKJSzCvPxgcaHqTAEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240227/r20110914/ Frame B8AF 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240227/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 16:42:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Mar 2024 16:42:03 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B8AF 207 KB
63 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 01:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2191
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64043
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-7
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Feb 2024 02:37:52 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/informagamdisplay218733383007/ Frame B8AF 332 KB
113 KB 37ms
36ms Script
application/x-javascript 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402220101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Thu, 29 Feb 2024 02:14:23 GMT
last-modified: Wed, 28 Feb 2024 12:15:59 GMT
server: AmazonS3
x-amz-request-id: 5P44TPXHGGP8TJ4Y
etag: "53b6f6d8af1095409d7f5440ef3dd208"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16013
accept-ranges: bytes
content-length: 115646
x-amz-id-2: EJhDRwR+lDElBqtRMckslpPo/7qsiQkZr0PhFHQ1etyZP6fy2ygEnGLrZnKXzAyfdmuWXEaelE/Up6sQTMZpcgfzadk365cP7JYzRmE+ztk=

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D967 0
26 B 55ms
55ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoJhVj9awu2QRcCMekxuRwdFSbd8laoCM_oE4q1zpWGm_-iaGVLVGas1jfFDWreGHKrFsuxlB4nDzl7CeljuLf6fTNxk9dCn3yz7bkZuQbUXryqGpxYYDMPK7BQDigImchGQbsdTtrq2xgRkZ18tPbcnt8LvCjEEW4NmByx08VaVr1ofH5zlb1kJXRtqdIbG3W1lSO7wnck437mz1tBnoNw0ax8O6WcaPwP3dG2hbB70A2B_CJJdEZHhZbklRhrasj8U8N0iaY8q_ece00B0cqZbSbY51Z9WICu_hS99XV_iwsUz8HoUfK1iqU12L6A-TyXOFkeOosY5Dc0twTaRcNlfUqwZVWmbgdfZM3irPUdprDbIDix1zMW3cv4dzuaz1CaCWm5f8gNfmzYpPNug4waA&sai=AMfl-YQN08WKB5DJlMABX9L0Nw4APSvyVJdWagKZ-k5iOuw4XTgm16nPXh3IMxrSFwqGRj4lxeD_5SiUJb9X4BKJK3dwxzKvhwpiWXKoctRFQQ6wFRTVqGGSWLstScUvWo9b5waz46E6cAud9Kd7XS-FNWg&sig=Cg0ArKJSzC5UMnoWDx-2EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 7122960984839144923
tpc.googlesyndication.com/simgad/ 196 KB
196 KB 10ms
10ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7122960984839144923?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a52059e12bd1f54e4b8110b74d275dcf1e9d61cad6895968f94dd25f24d36d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires: Thu, 27 Feb 2025 16:12:24 GMT
date: Wed, 28 Feb 2024 16:12:24 GMT
x-content-type-options: nosniff
age: 36119
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 200556
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 14:13:25 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 95AB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37da0280b4a3bbaa07bb58741b8963f5ae718657a7556ea5eff030c75d655c90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8CBA 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 660a9546860271bbe0ae2cdc16167300d00e23ac76300660f73bdb253807a238

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK web.js Show response
ads.celtra.com/b0789f8d/ Frame B8AF 14 KB
5 KB 391ms
104ms Script
application/javascript 54.167.226.184
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.celtra.com/b0789f8d/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsta4sXgd2xPAwclAc2w9igrsNedYkZoJD5dykGuDwAO9QXecTYjQji4aWQDQopghLVDNOeTm6LZh1A88UBCp-5fAp1KQl4uWVnslNLc34WfFuorg0-tvQibzWJf7nZW9BtDNhPvriuxrDRM8skdGga2_dUILI4Khe8iTNYt9efthTZOkigCce0Mmipo511Uw8WQIyiBbSVC13Q7fg6LdgWiM9vyTVXwX2kEvXUlMsLirD7JJaOR3Bbh1v48SaSrMelpOL3lskNaHHL3LFCjQ08BniXHr6npeeSLJM2VavYG3QbpyGMmt1V1rnQE9n5E_R8GEGFyY4oijDLUB95jyEeB-OcK9IvrdxdNlxTE7-Cv-6NpPPZTlKS_zIkpOmetv60NaRTdlQg%26sai%3DAMfl-YSsfTET18BvfD5UJxcd_b-4O1XdtKppLg3vbl1Apo1efti-F4ssaD8gdxmWUXCmoPY4R4lDCH5_wDeWpky0AhrLHa8L7jOsdikCOT-dYgbbWmQhBtK1p_oS6ad6mA%26sig%3DCg0ArKJSzLXDIPGbi0P-EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138459729310&externalCreativeId=138459729310&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6433455104&externalCampaignId=3282332824&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1709172863.821&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=3693219278174358
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.167.226.184 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-167-226-184.compute-1.amazonaws.com
Software: /
Resource Hash: 7f7a5e0113d50bc98553ffe60a433bf743d3e6be6ce9df076bb059663eba2bd0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:23 GMT
content-encoding: gzip
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 4947
Expires: 0

OPTIONS
H2 200 ed0
c.darkreading.com/com.iiris/ Frame 0
0 144ms
126ms Preflight 2606:4700::6812:6c2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6c2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 600
cf-cache-status: DYNAMIC
cf-ray: 85cd64bf2911bbfe-FRA
content-length: 0
date: Thu, 29 Feb 2024 02:14:23 GMT
server: cloudflare

POST
H2 200 ed0
c.darkreading.com/com.iiris/ 2 B
290 B 129ms
128ms Ping
text/plain 2606:4700::6812:6e2f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.darkreading.com/com.iiris/ed0
Requested by: Host: static.iris.informa.com
URL: https://static.iris.informa.com/f23io39d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:6e2f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.darkreading.com
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials: true
cf-ray: 85cd64bfea134d73-FRA
content-length: 2

OPTIONS
H2 204 js_pageviews_itcyber_darkreading
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ Frame 0
0 26ms
7ms Preflight 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1709172863880

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-td-fetch-api,x-td-write-key
Access-Control-Request-Method: POST
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.darkreading.com
access-control-max-age: 7200
date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000

POST
H2 200 js_pageviews_itcyber_darkreading Show response
eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/ 16 B
477 B 20ms
7ms Fetch
application/json 18.196.132.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu01.in.treasuredata.com/js/v3/event/webtracking_itcyber/js_pageviews_itcyber_darkreading?modified=1709172863880

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.196.132.224 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-196-132-224.eu-central-1.compute.amazonaws.com

Software

Resource Hash

56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

X-TD-Write-Key: 100/bb9cbe21de3db7a5428506d7528e45b2c801a48c
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
X-TD-Fetch-Api: true
Content-Type: application/json

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
p3p: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
access-control-allow-origin: https://www.darkreading.com
content-type: application/json
access-control-allow-credentials: true
access-control-allow-headers: Authorization, X-Requested-With, X-TD-Write-Key, X-TD-Fetch-Api, Content-Type
content-length: 16

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8642 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 55176
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Feb 2024 10:54:47 GMT
expires: Thu, 27 Feb 2025 10:54:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E043 829 B
1 KB 17ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cdcc401d4a26bc2bb6440296fec8e1690ed21151b481fbb1ca59ed3da65e78be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WW4anTNyjqBSjL8Mpq5dnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.darkreading.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WW4anTNyjqBSjL8Mpq5dnw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 29 Feb 2024 02:14:23 GMT
expires: Thu, 29 Feb 2024 02:14:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 darkreading
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ Frame 0
0 119ms
101ms Preflight
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/darkreading?item=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&limit=4&mode=db&item_age=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amz-date,x-amz-security-token
Access-Control-Request-Method: GET
Origin: https://www.darkreading.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-headers: Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key,application_id,iris_profile_id
access-control-allow-methods: DELETE,GET,POST,PUT,OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 85cd64bf995d1c19-FRA
content-length: 0
content-type: application/json
date: Thu, 29 Feb 2024 02:14:24 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-amz-apigw-id: T4FEDGWsDoEFvHg=
x-amzn-requestid: 1bedbde5-7900-43d1-8fb7-7a887d0bb22c
x-content-type-options: nosniff

GET
H2 200 darkreading Show response
api.iiris.com/v3/recommend/public/content/similar-items/it/cybersecurity/ 4 KB
2 KB 223ms
223ms XHR
application/json 2606:4700:4400::6812:2595
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2595 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cbf55625818fe98a474453ffdbd494e260b7c72d750332a41fbffcea6db5306d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY, DENY
X-Xss-Protection	1; mode=block, 0

Request headers

Accept: application/json, text/plain, */*
X-Amz-Security-Token: IQoJb3JpZ2luX2VjEBMaCWV1LXdlc3QtMSJHMEUCIFoyLhVguELgIMDNShxe4jc0hc9slNO35jy6M2CRuAvXAiEAxGZQemYOsBZFUBMeZH507kxYQFUgKRlBFogIT9bEwxsq0gUI+///////////ARADGgwwNTYwNDMxNzA4OTkiDCwJ1mvEcrd1i4ipdiqmBU8BbenB+zRKZaqsbfcvNRL5Z1T6uJCnrLbkxB4vd3kTx04KHkj+3nmwTpCq8/v5mfGYNHJNi/SoePA2GBslf3dZCjaiqx55SeZR9nFFTRG1uLmRRqLG+avuDsoapENiKxjqi270bY+xecsWJqI1FKD8z5a3c1nXLNzcinlyvdZnet246x9sxjuKT7YQsCWrTWvpbmxlUB22GVwpysqzMqWE+mCwrJ1WrgNh8NcgnrPAFRIUcS/aSstMXti9y7567aZkqwBFfCI0EdDkSzl8DHUpz2DnVr9yYKxOR61CVCdtZNps1QFx2iKEmfffqKFzcmh4xD6Y5J2vrYobtIQS5SQc3ItvnBe8tJF8zdHceeJS3NO/UfwMUFQxYj0/SSQ/KhvjPSJR9HolSI9Zese3h61EXlmyoDvHwLl1buIjNKZG3PNaoqsxPIw/PShHQBXScplxvHMjKcyC+OmYEOzypKWFmPxfHQ9PPmM68Li/8tvjHtHHN5PeYdxwQPPTvlzcVRf51oF/zsom8PlNXIWjwzo6N1VtsGlXDbzQo251nVS0/++WkcWMmDR0swU0UgjcWe5Km43hQ5CZTAhwMA1fBxXayRDCoI5kOKjDSnH9diDyDPRMpBTo8EVg4xecoPAjIrYjdRPomNr65W/BQSQm+tMG7wda+rNS7g6kCxkogfyTQKtWYf1+T0q83mOjvVTE+GmVl963+KZ3ux5tCyswJoboU0+3gg/WoQUi5OtupSEj8VSAkygpa5WVtzGoRyZeU/mvJxtO5qziMPnEux/aGrDuqbadB70j+LUyLF/sZL/U9VASiTomHUCovrUBJhOtY1T7ku80QqDsAK4fMPdV5Cp2YuVp8rnKvkXB7MiJYlduuiQxBnTrylpYhPA0ZuhCHezLSPHzPzD/0P+uBjrdAkqORF8iLD5ZAxhHzV0cfmcFdu2/Dzh6eYpUV7QsPh7YOzFop27fYwbAhxJwbiB7tFxl7Vo3T1mYnxR25JjsA4lZ6yC33BGBvb8cXTb+sj4QI9u8FJoDAxTmwpEzUhWG2RDVRWRs/oZTUDrkwN8FnFJmCEDM9LvBEb6+Mfyr0O1GyFeYJKF28c3iTuOymbVJNu6qNWh7p2rq505k0lvIvE88zTTrFC8vCPGxe0w906M6jHd7JSeWTgDk2x1FfYJOHyT0dVaD4A9UtmMC7FpFsh3pg7VLIgtnZRuKKOjRrsyGwqi5cWGYO8wwcYk2FSgrZpeKl8pJyqXSya+8+ocUNdHB3OtoEWrlbM5qrXoEAHSMFMCCqM1ERqDAdX17ttmwCb0dm/fChQUzJrcR5tP5UJQ2N0yGfh4duS0H53iea2CrF29fgKT6KKwuErfEoH3tyfbO6w60RTg3iQZTvyM=
Referer: https://www.darkreading.com/
accept-language: de-DE,de;q=0.9
x-amz-date: 20240229T021423Z
Authorization: AWS4-HMAC-SHA256 Credential=ASIAQ2DDO5RJRHLJWDES/20240229/eu-west-1/execute-api/aws4_request, SignedHeaders=host;x-amz-date;x-amz-security-token, Signature=6559e3f9d85a695d5ef584b33c1075a43040b1f69a9b2f4fae43eddc10a84890
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
x-amzn-remapped-content-length: 3790
x-amzn-remapped-server: uvicorn
x-permitted-cross-domain-policies: none
content-security-policy: default-src 'self'; base-uri 'self'; block-all-mixed-content; font-src 'self' https: data:; frame-ancestors 'self'; img-src 'self' data:; object-src 'none'; script-src 'self'; script-src-attr 'none'; style-src 'self' https: 'unsafe-inline'; upgrade-insecure-requests; require-trusted-types-for 'script'
content-encoding: gzip
cross-origin-embedder-policy: unsafe-none
x-amzn-requestid: 2923b764-65b4-42d3-b728-8dae4622e9c9
x-amzn-remapped-connection: keep-alive
x-dns-prefetch-control: off
cf-cache-status: DYNAMIC
x-amz-apigw-id: T4FEEG6wjoEFT6A=
x-xss-protection: 1; mode=block, 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
cross-origin-opener-policy: unsafe-none
x-download-options: noopen
x-frame-options: DENY, DENY
content-type: application/json
access-control-allow-origin: *
origin-agent-cluster: ?1
cache-control: no-cache, no-store, must-revalidate, max-age=86400, private
cf-ray: 85cd64c0398a1c19-FRA
x-amzn-remapped-date: Thu, 29 Feb 2024 02:14:24 GMT
expires: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95AB 0
0 56ms
42ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstu274qHfzpL8c-mqZmDZfpDdkDGcIVnzQpCi-0VR5xk0pXtWc_sXvoNnFXmBzqUqMNpAtcbKoDK9cXp_m822SPcighWFvxA9Z8bjAqEz7cVb777xbRhfo60yr4GVc1boWM-cQ-uU9biUBFMHeZ3yMwWW8n8QzARKspfxbnmGHMSVtKa2jtQ3zYLWb0_yhOZRNEwrqCsW8zDmENuoedQZIA6RVKljhrS7EW-WfStkLdHY4l2OqhrVRwGZPMGvz_pNfNU-KiZiLaxSHvcYTcOg0VMXRgsPQfkg65V_n1TqVU-yg6BpFFnoBF1U_NuXuHZ5Sd3-3CvIHxwQqBdtY6Zdfn6ey6jHtHKEtYB6JyFofRDJOasvTO8oHw6MFCxNxTE7tZ9jPv_twOXIu5LtDRwf2&sai=AMfl-YTMySD2XlvMh9v83m0u9AWE1-GAB0GmqY1kxe9k-mLcCp0aX0qzASjF0eUmLNz_OhCCcHP3t_pg2VxgeS8TvhPTPS57lpQUKhYWh405RYjbb_5a_TpkD9bbXkGfJb__FKxJjVTs5gihJZDKk1YqUCA&sig=Cg0ArKJSzAkdr-2xTFbzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:23 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Feb 2024 02:14:23 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame 95AB 33 KB
11 KB 36ms
8ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?2912024
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 825f6b61f96bc43809abd30cab948309377449c379a6f973c582f5d28bf267ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:00:29 GMT
via: 1.1 google
content-encoding: br
age: 834
x-guploader-uploadid: ABPtcPqEE7OWpOEHCpEK_Sa77pqzEvtdWPTyYKN9qbE1fe5KSxFjipZ2YSLKahD0ZxYCaKJgOT2pexCKBA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10671
last-modified: Wed, 21 Feb 2024 23:31:36 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1708558296436903
x-goog-hash: crc32c=srF/gg==, md5=3fpNhUvHTpM0hkxhCmt/UA==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 34175
accept-ranges: bytes

GET
H2 200 n.js Show response
mb.moatads.com/ 99 B
277 B 184ms
83ms Script
text/html 141.147.81.223
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1709172863948&de=977547217515&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=2&cb=0&ym=0&cu=1709172863948&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138459075120&zMoatPS=300_1v&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1480%3A2382%3A1738%3A1579&fs=207200&na=513072798&cs=0&callback=MoatDataJsonpRequest_38030581
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/informagamdisplay218733383007/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 141.147.81.223 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: b465e8886c830f9d0f4d3960b18523732f929168eed5ab03d312119a5e731b01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
server: istio-envoy
etag: "f4cdf98b63aebb89ec7cc8706c712032a44dc19c"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 50
timing-allow-origin: *
content-length: 99

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 36ms
28ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1709172863948&de=977547217515&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=3&cb=0&ym=0&cu=1709172863948&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138459075120&zMoatPS=300_1v&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&bo=22316126855&bp=22339890152&bd=300_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1480%3A2382%3A1738%3A1579&fs=207200&na=954713595&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8CBA 0
0 42ms
41ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm7Y0uxJBwtAYIBEbX3sXa3kTHcaJrSq73ofwVw_KDtAVimDcFIhkcyKQsMU_xETwbr2-quKPFdco0FFDu9_yo6JfeDfme7cCf0ZPm5LTFwBAjt-7FMFZdeRAZ0fgJL-jXIX-6pX6-N-vjAwK2uhV-u9fHb9u7EkovEtx78Rsp5YUFUmTZvyUkjsV5GA-ProLoNIGKoUDVpxduqrcwCgrNYavtq1Bs-2K_t27odOiUcz66hs_XNSHj5yjSk5Zfc_l7nR89sED3bF-Ys2ORu8OF_MIvRMHowxNpHFoQrtR70KIqKQtlHubdyacjYs5ffYydKEEcP2zQcV0Y86TZfQgdzL2a7SZg4obPNtrhVsLvSPOICvWkftwEI-pGTaz668mFb336_lKp&sai=AMfl-YR-TY5xFB_hEkJcxGTR5uLYMkt4czOPasckI-RTz1obWPKaVf2Qq0GtQZV3hIc5t-pB1DJFp8OC0FDp3ogRfrqygMr1xvmGZf4xU7OA6pjycDgBxHgYL58mnPGXwA&sig=Cg0ArKJSzDFo_iBPskjzEAE&uach_m=%5BUACH%5D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
DATA 200
OK truncated
/ Frame B8AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 457610bb01f28199f1a35ccf2c31a2a5d973914e6cfcf8c90adc382dce492840

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 12ms
12ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F12178698542986515658&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172863948&de=977547217515&cu=1709172863948&m=48&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5938&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=0&ag=16&an=0&gf=16&gg=0&ix=16&ic=16&ez=1&aj=1&pg=100&pf=0&ib=1&cc=0&bw=16&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=32&cd=0&ah=32&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459075120&bo=22316126855&bp=22339890152&bd=300_1v&zMoatPS=300_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=300x250&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=300_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=578494415&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame 95AB 62 B
254 B 28ms
28ms Script
application/javascript 34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=62439&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&pv=1709172864058_a6w4dkdm1&bl=en-us&cb=5586822&return=&ht=&d=&dc=&si=1709172864058_a6w4dkdm1&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&v=2.6.1.139
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2912024
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
content-type: application/javascript
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: 0

GET
H/1.1 200
OK ud.ashx Show response
in.ml314.com/ Frame 95AB 20 B
482 B 443ms
154ms Script
application/javascript 52.72.19.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://in.ml314.com/ud.ashx?topiclimit=&cb=2912024&v=2.6.1.139
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?2912024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.72.19.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-72-19-156.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Thu, 29 Feb 2024 02:14:23 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public
Connection: keep-alive
Content-Length: 138
Expires: Fri, 01 Mar 2024 02:14:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E043 0
0 37ms
37ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202402220101&jk=1316361334206284&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8642 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 10:37:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 27 Feb 2025 10:37:52 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 33ms
33ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1709172864008&de=301003989383&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=7&cb=0&ym=0&cu=1709172864008&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&zMoatPS=728_1v&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&bo=22316126855&bp=22339890152&bd=728_1v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1480%3A2382%3A1738%3A1579&fs=207200&na=1984439122&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8642 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gqt1yA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 25ms
25ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F11615354544233020182&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=4&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5938&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=0&ag=1&an=0&gf=1&gg=0&ix=1&ic=1&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=1&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1&cd=0&ah=1&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=424540819&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=INFORMA_GAM_DISPLAY1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1709172864025&de=757596659609&m=0&ar=b14f40e8f24-clean&iw=952b4bf&q=11&cb=0&ym=0&cu=1709172864025&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&zMoatPS=resource_v&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&bo=22316126855&bp=22339890152&bd=resource_v&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&gw=informagamdisplay218733383007&fd=1&it=500&ti=0&ih=2&pe=1%3A1480%3A2382%3A1738%3A1579&fs=207200&na=970600831&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H2 200 web.js Show response
cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/ Frame B8AF 574 KB
125 KB 58ms
14ms Script
application/javascript 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/creatives/cf175bcd/compiled/web.js?v=99-5d85a3d8ad&secure=1&cachedVariantChoices=W10-&isPurposePreview=0&eventMetadataExperiment=newMeta&inmobi=0
Requested by: Host: ads.celtra.com
URL: https://ads.celtra.com/b0789f8d/web.js?&accountId=44b74b35&clickUrl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsta4sXgd2xPAwclAc2w9igrsNedYkZoJD5dykGuDwAO9QXecTYjQji4aWQDQopghLVDNOeTm6LZh1A88UBCp-5fAp1KQl4uWVnslNLc34WfFuorg0-tvQibzWJf7nZW9BtDNhPvriuxrDRM8skdGga2_dUILI4Khe8iTNYt9efthTZOkigCce0Mmipo511Uw8WQIyiBbSVC13Q7fg6LdgWiM9vyTVXwX2kEvXUlMsLirD7JJaOR3Bbh1v48SaSrMelpOL3lskNaHHL3LFCjQ08BniXHr6npeeSLJM2VavYG3QbpyGMmt1V1rnQE9n5E_R8GEGFyY4oijDLUB95jyEeB-OcK9IvrdxdNlxTE7-Cv-6NpPPZTlKS_zIkpOmetv60NaRTdlQg%26sai%3DAMfl-YSsfTET18BvfD5UJxcd_b-4O1XdtKppLg3vbl1Apo1efti-F4ssaD8gdxmWUXCmoPY4R4lDCH5_wDeWpky0AhrLHa8L7jOsdikCOT-dYgbbWmQhBtK1p_oS6ad6mA%26sig%3DCg0ArKJSzLXDIPGbi0P-EAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&expandDirection=undefined&clickEvent=advertiser&iosAdvId=&androidAdvId=&externalAdServer=DFPPremium&tagVersion=html-standard-7&eas.JWVjaWQh=138459729310&externalCreativeId=138459729310&externalPlacementId=22339890152&externalSiteId=22316126855&externalSiteName=darkreading.com&externalLineItemId=6433455104&externalCampaignId=3282332824&externalAdvertiserId=5134346611&coppa=0&scriptId=celtra-script-1&clientTimestamp=1709172863.821&clientTimeZoneOffsetInMinutes=-60&hostPageLoadId=3693219278174358
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 8e5710628ac5577745041845951438bffb3fcd4fddb0ff1ca2575b18b3d8d943

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 07:21:52 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 67952
x-cache: Hit from cloudfront
content-length: 127356
server: Apache
etag: "539368937bfb28ee050fd9ef9e221eedda34c4f4f4f7c8dd49fa8f3000668814"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
x-amz-cf-id: HSeR7Mvr2vdCWbvKzcJ7DREZ9NmjlG2ReKbBwg1OPoSxMzYD9YblZQ==

GET
DATA 200
OK truncated
/ Frame B8AF 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK 134e2d7d-65ea-4419-8940-830fcd105669
https://www.darkreading.com/ Frame B8AF 167 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.darkreading.com/134e2d7d-65ea-4419-8940-830fcd105669
Requested by: Host: www.darkreading.com
URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Length: 167
Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8AF 0
0 42ms
42ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsveYBTATt9GZAwSq3c3ZIdTZRVXICbicOyLuP4ImkrKQLoylhhOIIXtJ0TtE8d--vZDFgpq4ZEnKSYUWwyLUAnsnGMmAjxGYhkOy9It-pxKXsL7qH4I_UQ3rcbYbwzAgKeoHBnDEPHBN_ddPK7IDxhXXYf91tUapdRlZX8DZFOk3_vKzrKLhDUom_HDYr6ar1ge50ujqo4OOlEq_yRaf-zKhOvYcd7L83dU8juHEPHZJO-BPVuOIJb5UzKmTv4jUenWvpX3_8ssb-XmKyLgjuhwsgD5L6IRBpsuB7qt47YIWvnf3nyHZG82xP7hB46KXJiXVjp9ah3YZZ4zPPSGZcP0c-dx5B2ajT_QiCpOUkUn0m1Fb_6ypPOnGQIILMKZKdGMzGbfbADQo4fEjQ&sai=AMfl-YRTBw15wtLkK2i7aigxHLs6xYdHCVilsHAWzDV8EQHW1phgGFk-TA6YO0RY4-hTLHf5slK5yPAIytu7vPKgTUX4HAVSDv0ejlS7zGsPnJVELfQS_wfx9F1HD7KeeA&sig=Cg0ArKJSzGMV16wPiSxFEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 29 Feb 2024 02:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H/1.1 200
OK eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiO...
track.celtra.com/json/ 35 B
242 B 364ms
89ms Image
image/gif 52.2.208.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjAsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC4zMjYsIm5hbWUiOiJjb250YWluZXJCZWNhbWVWaWV3YWJsZSJ9XX0=?crc32c=905898024
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 1454a71d-cdbb-429c-8092-122f4493e0c7.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/ Frame F941 16 KB
16 KB 39ms
15ms Font
application/font-woff 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothic800n/3_a21706b45861b8577718feb7af969a082ae4576a33ea62b203d77b518b45935a/1454a71d-cdbb-429c-8092-122f4493e0c7.woff?subset=%20()%2C-01235689%3AABCDEFGHIKLMNOPQRSTUVWZabcdefghiklmnoprstuvwxy%E2%84%A2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:52 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 16244
x-amz-cf-id: FEZpVC7A418DDe4HOHXQZkDPGenk2wq5y1wODt6P5D8X8hGZeajkqg==

GET
H2 200 57625f96-ca80-4602-9644-ec1803cb3ba3.woff
cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/ Frame F941 9 KB
10 KB 37ms
15ms Font
application/font-woff 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cache-ssl.celtra.com/api/fonts/monotype_tradegothicnext400n/3_78b829381fc6cb8a15b0da13bda2ee2fe6786c2b2c1c7b121149bf4daf6870f6/57625f96-ca80-4602-9644-ec1803cb3ba3.woff?subset=%20%2C-.012359FGHILMPSTUabcdefghiklmnoprstuvwxyz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca

Request headers

Referer: https://www.darkreading.com/
Origin: https://www.darkreading.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:52 GMT
via: 1.1 e46f362ef9260e60e122406168399f5c.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca"
x-cache: Hit from cloudfront
content-type: application/font-woff
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 9604
x-amz-cf-id: 6t8T1uRhbmCryOqpYA4dV_wW95irNWa2keD7J8i1IzTtiugZegoKzA==

GET
H2 200 forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png
cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/ Frame F941 104 KB
105 KB 14ms
14ms Image
image/png 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:12:17 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 673326
etag: "2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 106643
x-amz-cf-id: rovh8Tj6wTbAAXV4m-uUO0JHQfWuvEWS8RwxbTBNTfvDvFtPuysZnA==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame F941 2 KB
3 KB 23ms
23ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 2417
x-amz-cf-id: 5c2KgW5gmq4m1qO3A-I0bJbv1_PQISNi7GV0Kzou9bcGRrycg2t6CQ==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame F941 1016 B
1 KB 18ms
18ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1016
x-amz-cf-id: PmVlLTqcP8ipYKKFevzoz-UWDxINZFuEXaMXyZsldpEMfYwaXRwyfQ==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame F941 1 KB
2 KB 29ms
29ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012250
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1504
x-amz-cf-id: DWCqIC2-I64s3lr-14HjoHvlvwiLfrkQLRtAP5tojZE4cvVFVyw3_w==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame F941 830 B
1 KB 19ms
19ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012250
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 830
x-amz-cf-id: _h3EFlCQHO1cx4NjLOVJtpQaIa9stBQ_AyTJlGP2_YiTTrDk1AwCGg==

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame F941 737 B
1 KB 22ms
22ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:46 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 12850478
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 99023
accept-ranges: bytes
x-amz-cf-id: bcKtdmM0OzZ6ZJKZtctvF8gC8TcBj0J1bHaXTeOfVIGGfJGK680pjQ==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame F941 740 B
1 KB 19ms
18ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 12850477
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 754705
accept-ranges: bytes
x-amz-cf-id: EESH0VkCSefer2m55V4jrpcfL5VVnkirazy9vlEMUEyctKkNagiGuA==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame F941 1 KB
1 KB 29ms
28ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:02:10 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4853534
etag: W/"06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: 8DNjylpqqAeKsxo10GjsEezIH3qeS9EPDBMTAHRpPPrM9hYzWIq2uA==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame F941 1 KB
1 KB 19ms
19ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 22:36:02 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 2950702
etag: W/"89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: qkRAE9o74Gt7EYIglCQober92dwZkLrMSQRaG3TWBPJ67BsSOYJ1pQ==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame F941 802 B
1 KB 24ms
24ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:36:11 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 3562693
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 802
x-amz-cf-id: 1xYFxsFL39uzi0rDhYrP87gmJXbI2gTggX5FX8V4x1LYMKaIxhtqeQ==

GET
H2 200 celtra%20icons_face-spn.svg
cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/ Frame F941 805 B
1 KB 23ms
23ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:26:04 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 7274900
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 805
x-amz-cf-id: O5kJ-fG-lKefb1xlxqPo8Gtp6GjNXoqEOTzjQACvA94n3GETvjQSTw==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame F941 1 KB
1 KB 37ms
37ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:43:54 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 2917830
etag: W/"2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: 2qsZhnFo7DFhdb-4pw9cTOhjdCT6jzxj6hkLPMw6aGQ56ZVJ6Nrc2A==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame F941 704 B
1 KB 23ms
22ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:26 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4382458
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 704
x-amz-cf-id: O6kI6aFB8gt8XqTDkDkLtQOgQgZAnkX9yuoqOsonSkD3PY0u8Itzlg==

GET
H2 200 Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png
cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/ Frame F941 10 KB
10 KB 22ms
22ms Image
image/png 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:32:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4909290
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 9750
x-amz-cf-id: R53whRG27ahH-0sfKuY7s0bC6JizUe3blAUh1MtPHfP2LMUQ54fZkg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjEsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC4zMjksInNjb3BlIjoiZ2xvYmFsIiwidXNlckFnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMi4wLjYyNjEuOTQgU2FmYXJpLzUzNy4zNiIsIm9yaWVudGF0aW9uIjowLCJ0b3Btb3N0UmVhY2hhYmxlV2luZG93Ijp7IndpZHRoIjoxNjAwLCJoZWlnaHQiOjEyMDB9LCJob3N0V2luZG93Ijp7IndpZHRoIjo1LCJoZWlnaHQiOjV9LCJuZXN0aW5nIjp7ImlmcmFtZSI6dHJ1ZSwiZnJpZW5kbHlJZnJhbWUiOnRydWUsImlhYkZyaWVuZGx5SWZyYW1lIjp0cnVlLCJob3N0aWxlSWZyYW1lIjpmYWxzZSwiaWZyYW1lRGVwdGgiOjF9LCJwYWdlVmlzaWJpbGl0eUFwaSI6dHJ1ZSwicmVxdWVzdEFuaW1hdGlvbkZyYW1lIjp0cnVlLCJ0b3BXaW5kb3dOYXRpdmVSQUZTdXBwb3J0ZWQiOnRydWUsImFsbG93Tm9uTmF0aXZlUkFGRm9yVmlld2FibGVUaW1lVXNlZCI6ZmFsc2UsImNsaWVudFRpbWVab25lT2Zmc2V0SW5NaW51dGVzIjotNjAsInN1cHBvcnRzQ29udGFpbmVyVmlld2FiaWxpdHkiOnRydWUsInN1cHBvcnRzQ29udGFpbmVySW5pdGlhbFZpZXdhYmlsaXR5Ijp0cnVlLCJ0YWdQYXJlbnRXaWR0aCI6MCwidGFnUGFyZW50SGVpZ2h0IjowLCJhbXBEZXRlY3RlZCI6ZmFsc2UsImFtcE5lc3RpbmdMZXZlbCI6IiIsInNhZmVGcmFtZURldGVjdGVkIjpmYWxzZSwiZmV0Y2hTdXBwb3J0ZWQiOnRydWUsImFzYXBFbmFibGVkIjpudWxsLCJuYXRpdmVQcm9taXNlc1N1cHBvcnRlZCI6dHJ1ZSwiYmVhY29uU3VwcG9ydGVkIjp0cnVlLCJJbnRlcnNlY3Rpb25PYnNlcnZlclN1cHBvcnRlZCI6dHJ1ZSwiaXNNdXRhdGlvbk9ic2VydmVyU3VwcG9ydGVkIjp0cnVlLCJ3ZWJWaWV3IjpudWxsLCJpc1dpbmRvd09wZW5OYXRpdmUiOnRydWUsInByb3RvTG9hZGluZyI6eyJkYXRhTG9hZFN0YXR1cyI6InN1cHBvcnRlZCIsImJsb2JMb2FkU3RhdHVzIjoic3VwcG9ydGVkIn0sInRvcFdpbmRvd0xvY2F0aW9uIjoiaHR0cHM6Ly93d3cuZGFya3JlYWRpbmcuY29tIiwidG9wV2luZG93TG9jYXRpb25MZW5ndGgiOjI3LCJuYW1lIjoiZW52aXJvbm1lbnRJbmZvIn0seyJzZXNzaW9uSWQiOiJzMTcwOTE3Mjg2NHgxNzlkNWYxNWY0ZjUxYXg2ODA3MzM3NiIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjUyNzg5NjI1MjIyODU3MiIsImluZGV4IjoyLCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjQuMzk4LCJuYW1lIjoiYWdncmVnYXRvciIsIm1ldHJpYyI6Im1vbm90eXBlVXNhZ2VSZXBvcnRlZCIsInZhbHVlIjoxLCJjdXN0b21EaW1lbnNpb25zIjp7Im1vbm90eXBlUHJvamVjdElkIjoiYzQ2ZWQwOTAtMzY3MS00MTYzLWE4NWItYjA2YjQwMzhhZTM4IiwiY3JlYXRpdmVJZCI6ImNmMTc1YmNkIn19XX0=?crc32c=3918498375
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 celtra%20icons_link-wht.svg
cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/ Frame F941 737 B
1 KB 16ms
15ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825/celtra%20icons_link-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:46 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 12850478
x-cache: Hit from cloudfront
content-length: 737
server: Apache
etag: "4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 99023
accept-ranges: bytes
x-amz-cf-id: rXDLXGsr9RqUTWz9K17iBhOQHaJHbb04KEEAeX8QboUUckgWAji55A==

GET
H2 200 celtra%20icons_link-spn.svg
cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/ Frame F941 740 B
1 KB 32ms
30ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1/celtra%20icons_link-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 03 Oct 2023 08:39:47 GMT
via: 1.1 varnish (Varnish/6.2), 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P4
age: 12850477
x-cache: Hit from cloudfront
content-length: 740
server: Apache
etag: "64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-varnish: 754705
accept-ranges: bytes
x-amz-cf-id: dLnCz4HqhKQAsk8mOVr_3U-VZC_V6eXxIrKPtE24RA0SpPt4_KCkNw==

GET
H2 200 celtra%20icons_twit-wht.svg
cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/ Frame F941 1 KB
1 KB 16ms
15ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e/celtra%20icons_twit-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 22:02:10 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4853534
etag: W/"06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: SzNvBUrTN_eGNTeNcdEat5Juluyex-KOaPOe5mGVwnah9S0K3b_JFA==

GET
H2 200 celtra%20icons_twit-spn.svg
cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/ Frame F941 1 KB
1 KB 30ms
29ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119/celtra%20icons_twit-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 22:36:02 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 2950702
etag: W/"89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: 1VxnC2WIZ-3Dom8we3qSLrbmPHTFquYDCghqYtH__CuR5YaQ_8b4OQ==

GET
H2 200 celtra%20icons_face-wht.svg
cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/ Frame F941 802 B
1 KB 16ms
15ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f/celtra%20icons_face-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 20:36:11 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 3562693
etag: "1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 802
x-amz-cf-id: U0-Yn5mtKq_QFZG15dJRFuuoF4aLtdbUdpeLHxtJMaDH0VEq2ZBeDg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183/celtra%20icons_face-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 21:26:04 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 7274900
etag: "de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 805
x-amz-cf-id: dZWjPjgug-fyGrBLSTZC8so2zMJei8FrIawUw42nS1kb9L1-nY2jJA==

GET
H2 200 celtra%20icons_yout-wht.svg
cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/ Frame F941 1 KB
1 KB 16ms
15ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286/celtra%20icons_yout-wht.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 07:43:54 GMT
content-encoding: gzip
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 2917830
etag: W/"2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
x-amz-cf-id: QhNLvew883hlG4mHyn2cMY0tHXnEichtAHA1vlBUZi5gjCTqyf1MPw==

GET
H2 200 celtra%20icons_yout-spn.svg
cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/ Frame F941 704 B
1 KB 34ms
33ms Image
image/svg+xml 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d/celtra%20icons_yout-spn.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:53:26 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4382458
etag: "41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d"
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 704
x-amz-cf-id: noNAot26enZSyvPAZB3ckRiyFLEsIdRYZbuFnVqY3vpy61oWFODTDQ==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c452c4a5355218eab38b48a9bf66f985f39c4c685de33cf7da58efd4da74bb20/Mandiant-Google-Logo-Lock-up-and-Tagline_rgb_Full-Color-on-Light.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 06:32:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 4909290
etag: "3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 9750
x-amz-cf-id: vdPz7Ks65-XJUyVfjIB9Mby6efxiPZrszmIKVKKHpfAGLUK3cszwQg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c36899b3b9d1cc61712af4f671b1faf7324b869414908213e1a74ba9a0b4335e/forrester_wave_external_threat_intelligence_q3_23%20(1)-01.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 07:12:17 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 673326
etag: "2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 106643
x-amz-cf-id: wDNALJLYJ1qH79CTvaDLkdt5Y2mNAS9YcORnoQ6QqoxOYDwL_4XKkg==

GET
H2 200 Resource%202.jpg
cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/ Frame F941 2 KB
3 KB 16ms
16ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/15ffb3faee77c5c4cd5e0abec2ae87c3f7299d1710b3dde0d1e7318c78cc8a41/Resource%202.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 2417
x-amz-cf-id: veAhblkktbGtkwJ7FeRdaSDOvo5wBESh1s7U97u7T0nA7G8cq621pA==

GET
H2 200 Resource%203.jpg
cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/ Frame F941 1016 B
1 KB 34ms
33ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/cd659c86ae3bfd854e962a603c26c4c6bf04cb06a9e99b7e4b879a638982e6cb/Resource%203.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:53 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012251
etag: "33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1016
x-amz-cf-id: RoOvytn-sO9cnDW5XZYSL2Gk5ZNocoTW3cd_FrWFO1pKkvxtQjVoqQ==

GET
H2 200 Resource%204.jpg
cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/ Frame F941 1 KB
2 KB 16ms
16ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/723775cbbff83de2689c45a84876f1a1523d34e8a443d6d40e94c5ea75528e70/Resource%204.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012250
etag: "ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 1504
x-amz-cf-id: ojLlylrGhp6Z55hQK5XlcjDrXe0yYnjhRCmhxQGbQa2pOnuiC3x_iQ==

GET
H2 200 Resource%205.jpg
cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/ Frame F941 830 B
1 KB 25ms
24ms Image
image/jpeg 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/c9bdafc2a01dc71f3a92126da67718f64a8e1e9c3d3e71f99c29f11feb75a4d0/Resource%205.jpg?transform=crush&quality=85
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:54 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012250
etag: "d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595"
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 830
x-amz-cf-id: YIieVT7kLBowvO5TzyNu7xz0m4MUbXSKpWT-uyr4POu7wmI-uaMa6Q==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjMsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC40MTIsIm5hbWUiOiJjcmVhdGl2ZUxvYWRlZCIsInZpZXdhYmlsaXR5MDBNZWFzdXJhYmxlIjp0cnVlLCJ2aWV3YWJpbGl0eTUwMU1lYXN1cmFibGUiOnRydWUsInZpZXdhYmxlVGltZU1lYXN1cmFibGUiOnRydWUsImNkblZhcmlhbnQiOiJub25lIn0seyJzZXNzaW9uSWQiOiJzMTcwOTE3Mjg2NHgxNzlkNWYxNWY0ZjUxYXg2ODA3MzM3NiIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjUyNzg5NjI1MjIyODU3MiIsImluZGV4Ijo0LCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjQuNDIxLCJuYW1lIjoidmlld3BvcnRQbGFjZW1lbnRHZW9tZXRyeSIsInBhZ2VEaW1lbnNpb25zIjp7ImhlaWdodCI6NjA2Miwid2lkdGgiOjE2MDB9LCJ2aWV3cG9ydFBvc2l0aW9uUmVjdCI6eyJ3aWR0aCI6MTYwMCwiaGVpZ2h0IjoxMjAwLCJsZWZ0IjowLCJ0b3AiOjB9LCJmaXJzdFBsYWNlbWVudFBvc2l0aW9uUmVjdCI6eyJsZWZ0IjoxMDA2LCJ0b3AiOjU5Ny40ODQzNzUsIndpZHRoIjozMDAsImhlaWdodCI6Njg1fX1dfQ==?crc32c=1235261525
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjUsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC40MjcsIm5hbWUiOiJ2aWV3YWJsZTAwIiwiY3JpdGVyaW9uIjp7Im5hbWUiOiJDb3JlIiwicmF0aW8iOjAsInRpbWUiOjB9fSx7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjYsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC40MjgsInVuaXROYW1lIjoiYmFubmVyIiwidW5pdFZhcmlhbnRMb2NhbElkIjpudWxsLCJzY3JlZW5Mb2NhbElkIjozODA0NSwic2NyZWVuVGl0bGUiOiJSZXNvdXJjZXMiLCJzY3JlZW5Jc01hc3RlciI6ZmFsc2UsIm9iamVjdExvY2FsSWQiOm51bGwsIm9iamVjdE5hbWUiOm51bGwsIm9iamVjdENsYXp6IjpudWxsLCJpbml0aWF0aW9uVGltZXN0YW1wIjoxNzA5MTcyODY0LjQyOCwibmFtZSI6InNjcmVlblNob3duIn0seyJzZXNzaW9uSWQiOiJzMTcwOTE3Mjg2NHgxNzlkNWYxNWY0ZjUxYXg2ODA3MzM3NiIsImFjY291bnRJZCI6IjQ0Yjc0YjM1Iiwic3RyZWFtIjoiYWRFdmVudHMiLCJpbnN0YW50aWF0aW9uIjoiMjUyNzg5NjI1MjIyODU3MiIsImluZGV4Ijo3LCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjQuNDI5LCJuYW1lIjoiY3JlYXRpdmVSZW5kZXJlZCJ9XX0=?crc32c=1667968437
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 iMac.png
cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/ Frame F941 277 KB
278 KB 13ms
13ms Image
image/png 18.173.187.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache-ssl.celtra.com/api/blobs/12ce17071c09b7ca2c5f85386fc887c62a93acbe3992040fe445f7d520351a0b/iMac.png?transform=crush&quality=256
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-26.muc50.r.cloudfront.net
Software: Apache /
Resource Hash: 3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 02 Jan 2024 01:56:56 GMT
via: 1.1 541abc390c35db77f7d121c96f0661ec.cloudfront.net (CloudFront)
server: Apache
x-amz-cf-pop: MUC50-P4
age: 5012247
etag: "3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range, Content-Disposition
cache-control: max-age=31556926
access-control-allow-credentials: false
accept-ranges: bytes
content-length: 283662
x-amz-cf-id: BzsWkfVGM2VHhrV1keCpRs9BrZOB8mCD9vHfaa3pp7E35NUmpLciTg==

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjgsImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NC40NDQsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNzA5MTcyODY0LjQyOCwidG8iOjE3MDkxNzI4NjQuNDI4fV19?crc32c=29971787
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:24 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=2&uk=null&pk=0&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.darkreading.com%2F%2Fthreat-intelligence%2F-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864025&de=757596659609&cu=1709172864025&m=508&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A-%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=0&ag=44&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=88&pf=0&ib=1&cc=0&bw=44&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=87&cd=0&ah=87&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=1448376984&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
41ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202402220101&jk=1316361334206284&bg=!np2lndLNAAZ3BdUuVwU7ADQBe5WfOB7IT4BokFOgiCdzDKi4W-kk60Gm6B6-yY2osLCpubHHmZe_ah8BszrCaV1ZQStyAgAAACZSAAAAAWgBB5kC8nPi1SNDmnCG8ZdXSvkR-7Lz20sCqI8PqrTIb6fsTyJ_0K1myJeAtbWhxIPgrywbAtXifyFqybJHlpJvIy0cNPUcyuqbXkenz4NOGethqDaQ6T9nYY1dHL_f8roKcjiQ6pSxsNks8sqtTTUTBiSJn-FpBF_VNwH7mnjzTMnv0oaKh0Qo2hy7_RnH8K9N9o-JD1IRsjdY50_IdkdN_j8ZCjWh2UZRpNgSMcbxNPn7aKhy9f5U8GSPsL9xuMyr3acu5x0plX1LgKTGNIadRNMvRDTCiqb-bZmj9fFWohzDkEZsavqfrvPkdUbZIgPeHIDYNK30Xy8uEhbbycARiSiBADh6txux94pan6DF3al2mSjfAPuM-CkQaY35bE7GWNDNdA5u50ozjGbD2jBw1ozqEu5rb4GXW38ZcyFLgDyzPghIJJXMFrolc_dstc43SeQoBcwGBfAper49Hb_M3S0-Kl_Z6mxf9HkviApTR8n3GQrLtvoSQT5Y8sU7wxsoPVdJL8vVS3JpqDnhrEWA1JA36C8-Hmt8W_4h-5st2gjYnJifH0htAT0K6cl_vwhit5jmVDWIocxWjRyeFawBMq_bEEXntzfLDWyWhAFUjQ4VrRdefmVHLmBG4t3ICY69WgHQ72Wx1CVf9Clm_he1QFaZ9QI8MJ3XmFbpshZTbq2GisbarMXNl5PjVIaWbu4DpKWftP_GusYpnjzZ_MC0nR5lXEAUGgb7Np-H9qjKPWE6jyqhsBwoDW831lJjWjCJ4WkNBwQoSwXAAFB6hVMzDB-VNO64RV4sKc13PMeMmNYIMaFBceGHv5HBv4swgC67mUX3t_PBM--SLANyZh6bH7fk5wzjJklVgliycZtxvPOmX0YQoleJcB_MwLRCvPgb2H6EkIZGoLghSCyNFBwlBWxbq-UGbhA2MGtkCb6KjVsin6Zwe126dBUbzxTfHQpSYETFDwxpElCQce4-RKufcOmiQncTOIQU_R0WegU7ngLp4qjpJ3o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CBA 42 B
174 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIQfgYUJD4Lh7bIj24OBmf4C-jJ9gxIFzOvt5ldcUs_NgEK9Tatb7j6-RXaqIASH4nddHYS8Zr3mFvu0yyiK-iHTsSIm0eODkE-FCAxW3oRkskxbRFCx8Y3gQMR2PXNXN6rz_AyKNkMP-dtr7XEthEAcHU-mu-35U&sig=Cg0ArKJSzPWKBwedzyIPEAE&id=lidar2&mcvt=1000&p=249,436,339,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240227&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=206257688&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=510566400&rst=1709172863768&rpt=238&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=1016&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=1013&an=1&gi=1&gf=1013&gg=1&ix=1013&ic=1013&ez=1&ck=1013&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=1&ci=1013&jz=812&dj=1&aa=0&ad=913&cn=0&gk=913&gl=0&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=1&ah=812&am=1&xd=00&rf=0&re=1&ft=913&fv=0&fw=913&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=799111677&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=1017&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=1013&an=1013&gi=1&gf=1013&gg=1013&ix=1013&ic=1013&ez=1&ck=1013&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=1013&ci=1013&jz=812&dj=1&aa=0&ad=913&cn=913&gk=913&gl=913&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=812&ah=812&am=812&xd=00&rf=0&re=1&ft=913&fv=913&fw=913&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=942680241&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 9ms
9ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=1017&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=1013&an=1013&gi=1&gf=1013&gg=1013&ix=1013&ic=1013&ez=1&ck=1013&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1013&bx=1013&ci=1013&jz=812&dj=1&aa=0&ad=913&cn=913&gk=913&gl=913&ik=913&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=812&cd=812&ah=812&am=812&xd=00&rf=0&re=1&ft=913&fv=913&fw=913&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=2005660370&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=1219&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=1216&an=1013&gi=1&gf=1216&gg=1013&ix=1216&ic=1216&ez=1&ck=1013&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1216&bx=1013&ci=1013&jz=812&dj=1&aa=1&ad=1116&cn=913&gn=1&gk=1116&gl=913&ik=1116&co=1116&cp=1013&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1013&cd=812&ah=1013&am=812&xd=00&rf=0&re=1&ft=1116&fv=913&fw=913&wb=1&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=2011446856&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:25 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjksImNsaWVudFRpbWVzdGFtcCI6MTcwOTE3Mjg2NS40MjksIm5hbWUiOiJ2aWV3YWJsZTUwMSIsImNyaXRlcmlvbiI6eyJuYW1lIjoiNTAvMSIsInJhdGlvIjowLjUsInRpbWUiOjEwMDB9fV19?crc32c=2782868401
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjEwLCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjUuNDYsIm5hbWUiOiJ2aWV3YWJsZVRpbWUiLCJmcm9tIjoxNzA5MTcyODY0LjQyOCwidG8iOjE3MDkxNzI4NjUuNDQ1fV19?crc32c=2126346986
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:25 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=2&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=685&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864025&de=757596659609&cu=1709172864025&m=1621&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=88&vx=88%3A88%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=1161&an=44&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1161&kw=1003&aj=1&pg=88&pf=88&ib=1&cc=1&bw=1161&bx=44&ci=1161&jz=1003&dj=1&aa=1&ad=1060&cn=0&gk=0&gl=0&ik=0&co=1060&cp=1003&cq=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1003&cd=87&ah=1003&am=87&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=5134346611%3A3282332824%3A6433455104%3A138459729310&bo=22316126855&bp=22339890152&bd=resource_v&zMoatPS=resource_v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=5x5&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=resource_v&hv=Exps%3A%20Celtra%20Banner%2FVideo%20%7C%20Celtra%20API&ab=3&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=100752765&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:25 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjExLCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjYuNDc3LCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcwOTE3Mjg2NS40NDUsInRvIjoxNzA5MTcyODY2LjQ2fV19?crc32c=164521306
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:26 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.celtra.com/json/eyJldmVudHMiOlt7InNlc3Npb25JZCI6InMxNzA5MTcyODY0eDE3OWQ1ZjE1ZjRmNTFheDY4MDczMzc2IiwiYWNjb3VudElkIjoiNDRiNzRiMzUiLCJzdHJlYW0iOiJhZEV2ZW50cyIsImluc3RhbnRpYXRpb24iOiIyNTI3ODk2MjUyMjI4NTcyIiwiaW5kZXgiOjEyLCJjbGllbnRUaW1lc3RhbXAiOjE3MDkxNzI4NjcuNDkzLCJuYW1lIjoidmlld2FibGVUaW1lIiwiZnJvbSI6MTcwOTE3Mjg2Ni40NiwidG8iOjE3MDkxNzI4NjcuNDc3fV19?crc32c=3016261565
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.2.208.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-2-208-119.compute-1.amazonaws.com
Software: /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 29 Feb 2024 02:14:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
265 B 7ms
7ms Image
image/gif 184.30.17.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&sgs=3&vb=18&kq=1&lo=0&uk=null&pk=0&wk=1&rk=1&tk=0&ak=-&i=INFORMA_GAM_DISPLAY1&ol=3984263267&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K%25.O%24%3D!%5DxbmbjKjGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RK0ZAnPFBj3g4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-9jTEEAlWe0wLgg%3D%3D&sc=1&os=1-qg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-60&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&id=1&ii=4&f=0&j=&t=1709172864008&de=301003989383&cu=1709172864008&m=5029&ar=b14f40e8f24-clean&iw=952b4bf&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6062&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1480%3A2382%3A1738%3A1579&as=1&ag=5027&an=1216&gi=1&gf=5027&gg=1216&ix=5027&ic=5027&ez=1&ck=1013&kw=812&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5027&bx=1216&ci=1013&jz=812&dj=1&aa=1&ad=4927&cn=1116&gn=1&gk=4927&gl=1116&ik=4927&co=1116&cp=1013&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4826&cd=1013&ah=4826&am=1013&xd=00&rf=0&re=1&ft=4827&fv=1116&fw=913&wb=2&cl=0&at=0&d=5006753165%3A2994564374%3A6140096305%3A138446632021&bo=22316126855&bp=22339890152&bd=728_1v&zMoatPS=728_1v&gw=informagamdisplay218733383007&zMoatOrigSlicer1=22316126855&zMoatOrigSlicer2=22339890152&zMoatDomain=darkreading.com&zMoatSubdomain=darkreading.com&dfp=0%2C1&la=22339890152&zMoatSZ=728x90&zMoatMMV_MAX=na&zMoatMGV_MAX=na&zMoatCURL=darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&zMoatDev=Desktop&zMoatDfpSlotId=728_1v&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&tc=0&fs=207200&na=1172250292&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-17-133.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.darkreading.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 29 Feb 2024 02:14:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 29 Feb 2024 02:14:29 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.darkreading.com/	1970-01-20 18:46:14	Name: __cf_bm Value: dfaaoufy2h0qwDzQvFTx1nKhj.px955XsF7WIosGxeM-1709172862-1.0-AbFjlsWDmd1YT1RvUafGiY9nXvrUtzX337JwIPyNFUbU3rL9AIXlisrCbpj9I2fYe0jwbsR82z1+zlQpdCgr3Bc=
.darkreading.com/	1970-01-20 20:55:48	Name: _gcl_au Value: 1.1.758832707.1709172863
.darkreading.com/	1970-01-21 04:22:12	Name: _ga_1X1EHQ3PFR Value: GS1.1.1709172863.1.0.1709172863.60.0.0
.darkreading.com/	1970-01-21 04:22:12	Name: _ga Value: GA1.1.1908084774.1709172863
.js.ubembed.com/	1970-01-20 18:46:14	Name: __cf_bm Value: x_Xm7fRDIf6.DSRK1SZawIfv_EoPMr3mDGUNNKTQ.Vg-1709172863-1.0-AY4uX3px8tEpdxYj5dN/FT3z1LD7X8/AVryGjWzoXK5TZX+SZoZso5abC/CRh9O89vNEAQy1hKbOUT/RJWEhBGM=
.darkreading.com/	1970-01-20 23:05:24	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Feb+29+2024+03%3A14%3A23+GMT%2B0100+(Central+European+Standard+Time)&version=6.39.0&isIABGlobal=false&hosts=&consentId=abe460b8-9933-4486-b91f-9668dea8c797&interactionCount=0&landingPath=https%3A%2F%2Fwww.darkreading.com%2Fthreat-intelligence%2Fxhelper-all-in-one-android-app-global-money-laundering&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0
.darkreading.com/	1970-01-21 04:15:00	Name: _cb Value: BpYs7bBkbRxLD90KLQ
.darkreading.com/	1970-01-21 04:15:00	Name: _chartbeat2 Value: .1709172863465.1709172863465.1.C75ZmIBpcgW7DQIUOUC9McUrC4W2Te.1
.darkreading.com/	1970-01-20 18:46:14	Name: _cb_svref Value: external
.doubleclick.net/	1970-01-21 04:07:48	Name: IDE Value: AHWqTUkunrgH6nlQqD24hyOG-6-zC8lOBM1v1O_VpshHBvN9zzY4nC0wgK5jNcW1OC4
.darkreading.com/	1970-01-21 04:07:48	Name: __gads Value: ID=dc5974d466a5eaec:T=1709172863:RT=1709172863:S=ALNI_MbBjchKq6Ip5PEkItTL47wls6QH5g
.darkreading.com/	1970-01-21 04:07:48	Name: __gpi Value: UID=00000d65e23e54a4:T=1709172863:RT=1709172863:S=ALNI_MZ0oyST1-wtRah3cJAi4skiSjmLVw
.darkreading.com/	1970-01-20 23:05:24	Name: __eoi Value: ID=4abfacff2953c284:T=1709172863:RT=1709172863:S=AA-AfjY7wtpgTMnQqghVLrfZ237O
.darkreading.com/	1970-01-20 18:46:14	Name: _sp_ses.94c4 Value: *
.darkreading.com/	1970-01-21 04:22:12	Name: _sp_id.94c4 Value: 1f69aa40-1fa7-405d-a53a-4113c0f35724.1709172864.1.1709172864.1709172864.a2bcaedf-1087-475b-9f9c-fd6dc83d906f
.darkreading.com/	1970-01-21 03:31:48	Name: _hjSessionUser_2610568 Value: eyJpZCI6IjcyN2FhZDJjLWJiNTgtNWVkZi1hNDM2LWZjNmRjZjFiZWIzZSIsImNyZWF0ZWQiOjE3MDkxNzI4NjM4NjksImV4aXN0aW5nIjpmYWxzZX0=
.darkreading.com/	1970-01-20 18:46:14	Name: _hjSession_2610568 Value: eyJpZCI6ImUyYWQ0NTI1LTNlNDUtNDJhMS1hNmUxLWViMTgyN2Q5YjlmYiIsImMiOjE3MDkxNzI4NjM4NjksInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.darkreading.com/	1970-01-21 04:22:12	Name: __td_signed Value: true
.darkreading.com/	1970-01-21 04:22:12	Name: _td Value: d7826ca1-1882-47d1-a07e-004b8d99678c
www.darkreading.com/	1970-01-20 18:47:39	Name: _iris_cdl Value: Ki50cmFkZXB1Yi5jb20=
.in.treasuredata.com/	1970-01-21 04:22:12	Name: _td_global Value: a219b032-559e-4008-b10b-e74d29830fcc
.darkreading.com/	1970-01-21 03:31:48	Name: sp Value: 7d9cca73-abc7-47e5-9f21-cafc1780dc38

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.darkreading.com/threat-intelligence/xhelper-all-in-one-android-app-global-money-laundering Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=3153600000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2713c3c32d48f5af68a9f1c8aa5abb59.safeframe.googlesyndication.com
6600d6d98e534115970f9529a45f3195.js.ubembed.com
ads.celtra.com
api.iiris.com
assets.ubembed.com
bam.eu01.nr-data.net
c.darkreading.com
cache-ssl.celtra.com
cdn.cookielaw.org
cdn.treasuredata.com
cognito-identity.eu-west-1.amazonaws.com
connect.facebook.net
eu-images.contentstack.com
eu01.in.treasuredata.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
in.ml314.com
js-agent.newrelic.com
marketingplatform.google.com
mb.moatads.com
ml314.com
pagead2.googlesyndication.com
ping.chartbeat.net
px.moatads.com
region1.analytics.google.com
script.hotjar.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.cloudflareinsights.com
static.hotjar.com
static.iris.informa.com
stats.g.doubleclick.net
tpc.googlesyndication.com
track.celtra.com
www.darkreading.com
www.google.com
www.google.de
www.googletagmanager.com
www3.doubleclick.net
z.moatads.com
108.138.36.70
141.147.81.223
151.101.194.137
18.173.187.26
18.173.187.84
18.196.132.224
18.66.192.117
184.30.17.133
185.221.87.23
2001:4860:4802:34::36
2600:9000:237d:b600:18:1fcd:353:c61
2606:4700:4400::6812:2595
2606:4700:4400::6812:27b5
2606:4700:4400::ac40:9b77
2606:4700::6810:3965
2606:4700::6812:6c2f
2606:4700::6812:6e2f
2606:4700::6812:82ec
2a00:1450:4001:801::200e
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:812::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
2a04:4e42::649
2a05:d018:94a:8a02:b408:7d40:7264:595f
34.117.77.79
52.2.208.119
52.20.246.2
52.72.19.156
54.167.226.184
99.84.88.2
99.84.88.46
011c2e9cca2dd810784f85ccbee288959b13d10c6a1bd740f4486b75985187af
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
06f2e7aff06ad791fabdd60dfcb3fdbe88c30c32ed55785ad9acc7ae7eb5172e
08478fd91787479d9e3987318987d1f3dc071b3a96c05c1fc50fc0e1f066700a
08e80b071eebc4d49557e0a60ed2da7df37d69d32578c4b8944b3bb336729fa8
0aa8d78d022a3a963df6a9f76a741013f5fca235afee22bc9b8b2b36e00724ba
0cb1f38d61653157e68473122673d1341e3fa8be59749683fb5b19f97d7b658c
0f155ecc49cf3427c761b27ef11fcc6d210fb27a9355d70fd5a30e5f1893452a
11cc8f8883427da6cada9351cc0b32f789c4c882ac3b1c28251e8e89c2588093
11efe79bc9fd298582704ecee9d88a628ac49233ec420ab2cb075dcfc647c019
127c7ead87e287db401c5a3173fd190cc2c7211711e97486294ca2086754f793
12d04146373bc5fb49c6a59242e2ecf68a936d237df36502ae6019a69a22b82a
158ef3ffbaff87a536860183add91e01bf0bad4c3845a469204a47406ecc7c86
173f5f7ac4a5ea699ae7222623eb58deacd1f5ba6dcab888b9d43abc766e5079
1866a87b4c049fb761b0218db2aecbef33496d878706bc56f2701965efaf88a7
1990c0bbd45686485a8b7844bc28385760d05bba14add54b96dd37110752bfb7
1c772ec23181d233341c3fb4f2a3ea33c223bc4fb6ed1ddbc2510e3e39b0a13f
1dcdf2e5ad826b04f561efbaec9c3dbf35c14e78a46b1b24441744ae4509a14f
1fe45985d17575b2fff7ea554d28c9a467bc94f204daee355b23f9d3e38a26f9
2064e516677b38ec4d7329d24f874e9df683d16073e08df603cf9749187b7ce1
21102c999da99aa5a6c8403c9e2367ca2e8d3e7fd2d6b5c1aef9e4fab888749c
2198f9c819947e6557b06cd53a4804d4a9a2377500ed131d17e83359f12df4f6
234ae9057590fb6d1ac47438d8b015f90d954a5fbf7112c90c97480caae5ab59
24a02ac54c4c243167b35a23785d9a9482dcbc2ae44781904bedfffbfb475afe
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
262f87d47643975a4633b675fc224c7a178d99e579e5d767f4a43ca7cc0bb9de
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2b21643da63b2c4ecc10d42f29531dd1830ea86dc7fa876cf0e0d570b76bbb3c
2b49db76126e3a513e7c05bb12a72e45b35cd452bf617841f13da3f43aed20c6
2c579beaf8fa0e83ecd2419b3a1fa4974feb39505971716ceeec557bf71fc286
2eefd6a5b2748b2d8aac175fd9aaa32b25d6a37e82a00e1ee49bc32d9b39fc15
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33d4e261184b7d803ce2c30933d06f222eb1a1d9856ebc37a200fd746d2adcfb
353323ab022bb805f587988bc40eaeb2fb95048ef013e88368ae786461325164
35f572538cd0720e84b6defc20ccc3fda0c9819be2560392f6f1c9bdaa562b65
37da0280b4a3bbaa07bb58741b8963f5ae718657a7556ea5eff030c75d655c90
3ab7d7cd287b3914f7b8b89484e90bd53ee1d3d3f68be01f0e6a7406a4e82afa
3ac0447b34a3368cdfa012a62b75542709b93ffcfe99254783b54fbf432b441d
3ba2a77e8e0f22d7d7056f3212a62ae5b8ea692c8f71a196e5bffd51adf5e89c
3c73e358befe44619ce53bd7a423a0cce31449079ee76764a4ab8ff890bc5f88
3d238f5d9ce7c53e06aa9d28b552db871fb0bb90a42a544a7ce2ed7c7ae2f07d
3e41b4b05bdcccb0da8ec37f77e2ef63db46cc8184ce8acaef48b85861608eb8
3fa5a8d8426eb2ab1558cab127cf9b104c178882e5afa09b6f456ac7bec77c5e
403bd4ff618ce662e06268c6f5223b2b281e053075e118464c54089e247d0f8d
41df76a81ca19135ecd7fafd8f6f41c0bc94c942e56dfa93dce34035f6096f2d
43c2a61b8866d16d591eb248ba619d12148cf81667bc293be6a39de84110552d
457610bb01f28199f1a35ccf2c31a2a5d973914e6cfcf8c90adc382dce492840
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a51303165c76c1758a2ae08f186ac7e34ce07e844a9d7b8138123249abf587
494f4d3d22248a07094bca724486db0a83907141c5b3a887c60ec4b35c5d4dab
4a9b67a0e017f357f50cfde85c25b19337d31f64c42dca8f5e5bc51717f71e6c
4b2b620e4f0eda2ce3be88133e7ceb2e8e15810df50ee7b078f472ecaedbd825
4b475b63a797144d91a4b2e34499ab7321bdf6d298d5f1177ec1fa3f5d3b4e0e
4bb023ed70bcd499af50ee7299874a1e3d366975ece99d657677928f52718f03
4ed80b146a8d13c943de20ded2c469e90eedf4f3ed358823fd6d66d158264f83
4f381ccb6f965e2011700b253aa446e84060a338cc416055eabca3b62fa35435
522ff037e66aa34ef6ffa88711d8b765991b86f9ffeca4976c5750bb56f1e3ca
535eb451323412aa6e816e75127e5977cfaf2a0f997a7cecb858abae529605d8
54b7be659e9b4877f264d3e20706372dd5b1961f3943a3abd8666c5431a88073
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56587cffbb30e338497c9114f74803a530a713ebe374b69fcfa8551ad8dad1e9
58016ccef8b151b18ba8a751a7666689dcb78facc25a8710434d2e8629a83142
592356a6c52e99185da7862c1bc4929308efd3618e8f1c8e1dd665abf205ee62
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a4cbfaf21207e79bf3dff926bdb0a4df8b95481e064deb0e148a27bca5c366c
5a63bbbbf6c03435c477d375da06c8903f92508c3b2af313354c85452af34f0f
5be2dfa172d505acb197760b55c4731347cc239a7a046013c251948bb8214dbc
5ca742541d65d718402499ed1d84d003258ce2116562169b85744cf7d798485a
5f8cfae7be96aa10d0025b82a624ec7a098ad4ea0ef199df96456b3852e723d5
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
604a11a13e17ff30f139c1aa086f2438793086c36ced07f66e1c75d901a3b910
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62a683fb450f7fa9845bc05412211a15a4b09b406db0c7fcb6fe2fe18acff1ad
62eee22f7f92913689361d7cad70e166c1f0fe52937c1269996cffaa712e60f7
63d546f5345b249fd2bd740a93e4fea13d7d6c3db16591445761e0eea10dd270
64293aedb63beb6e7ad93891ac013b1902c21756b78115a82c6b0c3221277af1
660a9546860271bbe0ae2cdc16167300d00e23ac76300660f73bdb253807a238
67bec193d343c3fd900d5ae5ca8bce7aabc108d0da668fdb35c814e6a14b580e
687ab36c53d9c5bbede5a39f57873fe5a277d6ea526c70f5e2607cd619c13749
6ef59df86d3826ee2048c7707b14be9a819ffe3ce87ca7e989511ac24e447812
70762bfafc8225cf5100e093aed9cff2067f646efd71f12c209d6e21f03d460d
7115adc7ad7236bb3fc2fd6bcf3af81bb0da82a6931e853f1753b39f256f8576
77d55e5072dcc84c0f117b535cad7f28ef388cbad410e39952fbea5de5df53f6
7829ccb10b44d61166e225c7a6c7c5d377779975837a1917c481758443efb2bb
78977aa7e48ac3ada126337dcb1135aef21a49c3371cb081e75b7e52397ab906
7a52059e12bd1f54e4b8110b74d275dcf1e9d61cad6895968f94dd25f24d36d9
7b75529201e97f7566ae404c0bd803c64ce29092a13c8e1893369ef3c32c6337
7f7a5e0113d50bc98553ffe60a433bf743d3e6be6ce9df076bb059663eba2bd0
7fe6411146e7aabcda85d71ec42eabe4fe5fb199f0e9ad759bfa78a42a853535
81296cd80a48277304e2bc65bca848e51811c932b6e849f756f7e36b4f53bcde
825f6b61f96bc43809abd30cab948309377449c379a6f973c582f5d28bf267ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86dbd997ead92464b9d3e6228dab6902a3f8cdbd17de1da8923cb2f0fb600bda
8751c85d4da8af34fb4d78a2ab5bb92b7a3b5380f2d0d5ca89d11fc2b5bfb6ca
882c0ef9f4096af29e037f9ba9dcbc71a46605828ae12a77002c0fa5e00c309a
885200f33f72cda8f4a18b0efbd4306cc865bf020fb6311fc94b7a474829279a
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
88f755195644054fdb7c99868036a77d7c72634d0d9e925d2e4115f45e5cdd4a
89503620f97d81e90b18ddaac9363e04c109891acc96b715020a9686f8c3ce51
89fc0db5605db5f9cf18c99365688e9aab1e5ac27aa7d8c03428afcc3289f119
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8d6bcef001c13b903f6de6e2548a6269d4839314776fff9405d8bfe7dee9963d
8e5710628ac5577745041845951438bffb3fcd4fddb0ff1ca2575b18b3d8d943
90523092a383e5b3308aa18e8807788a6d5401f7a7eea157e9fcf3fb8050242e
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
91e1e324b948856bcaf13a2cb785a088349cdfe56a8e7625fc76393088f73f83
981ba30ca7f009ffd04d7f1f9fe473565b6e351a6c08600abf02aec627de015b
99d05e9c814cc9d11bde4f17b37c8658606dbb784365ed7bcf06e5776e6d7ac8
9b1aaea1148044ff331b843e9fd73a06418cfe363bbd331982a84944694f6618
9c50e71a20128824a5977a66e74d940fe22d5291a86a9c01b4ef9919e644bbb4
9e4d00cfee02d472b0c80124f87c00a8cb8ea5610201ebbf922d894d2fea4db1
a198f42d20de2a57d9ca5a07ae2833ad08a545719557e82dce927544761dc70b
a3eec595bb4a367fb8b7851c90c75aef35b9351d576daa1a225486154bb18b27
a558022abfa4a48519253a4f865bff33d0e2da300baf8c1ac7ec9e0a1e2dab37
a5beedf0a9b1e24fb846f1f256f5ba7c62af6ad06ea0965540b1c467dce23944
a954ff30267fcdc900f3a43a1a0a20627b4a08cf6d9c79c564aabb2d108662f1
ad5cc6ff21dcea74d8993cc061a6537b9645231fb85b173a27945ebea1e302d3
ad9790a02b38d895d458a98fb02e707b5031a26f533c545d1f8dd953d46468ee
ae137c002dd470c2b74f83bf3db62f9d6755b6f7e0674acd79a3e7ec4b9738df
ae59b218ab2a4bdc90c9da5d696d7c14eb10c26ddfe9882dc74f4e4e0deb7255
aff8d54b4a7a713ccf37676fc168651d97874d6e2e07ca68b690d571e5acca70
b1d7c156b23da63337045479de33a72ce2f863c09d1c766e54fb9d1f051ea44a
b465e8886c830f9d0f4d3960b18523732f929168eed5ab03d312119a5e731b01
b48789adc5cb2eca799d1780d20d5c9a9023f6f9fb7f2df02d282d2273f89724
b66dc2caf2d59f33ea6903da3157fc23e4ede24d3dcb34cd5f5d86ddcd54d40d
b7dd61f31dd9d4d1b9e2b24e139ddcaef62287a13664cdb50544ea421f1a1899
bc7efecace0085173f1ee9971a7094a6ed99c5c9489afc6d62c5546e16377861
bee6678ef8e60bd87cc364c870c0c5820a584d6068330cf7f25d418a61940fbd
c0c3435d7989e8cc6968d741c016e80e6b73f479a979d3e6fb04d9c69e33ad13
c104bc5974423b88e53e00bca716b0943a8287088540a368eac8ba0e4d6c9428
c3c2e2538dd857e04bb340d6230c8eeedca607d219bceba19897333cbd74b4f3
c4630ec46396be8e67434a3198086f6b6d454836cf6e04d5ec60fa96f205b478
c505161b7b106213680541a87fd510acd39ed912c9a4c699cbce4f37b1094aca
c81cd54a244982bbb738bedbca4b5087716910f7f46df0768f47ba1a3d42d815
c8a03522223cf64474a1f91e02c8069ea5560a23266b37b476d7602a621f0c38
cb2b4f80472d063991ccdeff84713f13faa6e6e380318f37ab9959df29256bf7
cbf55625818fe98a474453ffdbd494e260b7c72d750332a41fbffcea6db5306d
cc994041fe3887705c29e88b9ef56469746b511cc553d3a71e5bc009a1101cbe
ccc55d0a01b653671b6d8aca6abdaeba5202d849fe4eab33668b9dd2fd4cbc06
cda8a9c1a34b471d120ba00b83f18dd0a78377fe667d7d4406a4bf2affb63c33
cdcc401d4a26bc2bb6440296fec8e1690ed21151b481fbb1ca59ed3da65e78be
ced6d94498388b24b48c4e2aa311815357ab9489c735aedd7725e0b18a02433e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe85fc28aeffcff330272c09dc848768dd475cde13557cbb05f89c949205ca4
d0c38a90f582437785036981d25ebd0daa6fd7c2503efd95ade0f3f70beb5fe4
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d1abd444f5c85751a19a9e2f75b270a06963412e9e5bfa336976189540bfbe35
d26432e661658ef9d3d538b1f71b1478193f6c141f1cd7dfed03e5b677d178c2
d3d26de0446a94a4cbf66df1ad72333df883ea7334106a8267b9dfdbcc26e074
d3fb57ebee72a46e86dce25a7ab85e532ec7d64b02518fe31daa2b39c91e8430
d7ab1b38259b52fb84c04d55fc1125509cf0df05f897fc77fec4edf9db7a1595
d8f35a67f2129d433d9a690160ea7f637686033f5055199a7788f1bb500fe0e6
db311174b0e3c340727b63c055cfb5b317808e909503e1bda11cc58af444f12b
db548d5bee139736292e468cb807f09f3bdf053b48e1bfcda0a7495cbcd75c1c
dc565a2e386ba95f11546dcced9a60f6c552353fb6f389b8a8b734eba4ada792
de275322c95a52f479b9fb5af761dc7469890500e0bceb3606a5353f8251d183
df9f568395ee2c8e562831b79d6389474c4a0ff4c5c6dbfd355c0cfd6081bb8c
e0ba033e6cb25fa6e20186d6d8113cc3821028b7891c93eebe671b75f6eebc3f
e25d417687518354eac7e2aa73711b88eeb05436d6f037ccdae62be54445dc4f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e518d28fc305914d99970e7793785ff5143eb03b1ff3eaf90f980d3e28758cdd
e53654181ec330a977e2ae08bc92f7fedf0940e47f0e13c1874c5dd14a51fa28
e7dddadec953c70fd089e33214903e69068eb0a065ffce8a7c59e72a866cae97
e9ac0994dcab574d46a0252d5f1d52de91f26d3e0e7d0da3a6e742e49539f4ff
eafbdbc0095496b50fe402ab67963cc4ebba0d4075f384219b7eea3f84fedba9
ed870769c4fd967977ef0930a14927ac6035d0a9fcd9db0bcef385da69bea2eb
eefaada1164e9e8a3e3939cf7a958e1664d1903b6d211ee1e59ee53c4acec326
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02edc287b721a068471a9e12391d5ec4310291401d61f578bba197c1a6ac148
f0409e4394d90bda770edeb9ab6fe90902c7b7a3b7589c7c72f8b4739780457b
f209ff0958e0acab57c85b5bf057710777c44c57acadb53f9d063c5f15614059
f274598e02172fc31cb7b3eae2a897a9432c3fe360a49268b0672f09d6e03755
f90d159c7a961f8d49cf0197de9f4a31f91310b5cd03edc042f82beae766c88b
fb6bcf7d9261064812fe1b4d2b59b8c8ca52b7d0c522746ba9cec2dc01b3a7d4
fcd49fea6814fed9f383b99f2785e6db968b0b123c2aaefcf06646b713cf0f46
fd2879e3b0d373936b3a4f85f24bf5ae631ea76ec7c79b528b53bd4f3ea44de6
ff5c6ccd23219200d1ba0f66c328e5c014b436bc783b6ce18873dd9d6ac216c6

www.darkreading.com Open in urlscan Pro 2606:4700::6812:6e2f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

247 Requests

99 %HTTPS

60 %IPv6

26 Domains

41 Subdomains

40 IPs

5 Countries

4144 kBTransfer

11543 kBSize

22 Cookies

38 Outgoing links

Redirected requests

247 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.darkreading.com Open in urlscan Pro
2606:4700::6812:6e2f Public Scan

Screenshot
Live screenshot

Full Image

247
Requests

99 %
HTTPS

60 %
IPv6

26
Domains

41
Subdomains

40
IPs

5
Countries

4144 kB
Transfer

11543 kB
Size

22
Cookies

247 HTTP transactions
6 data transactions