www.infosecurity-magazine.com Open in urlscan Pro
163.171.132.119 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=
Effective URL:
https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdI...
Submission: On June 06 via manual (June 6th 2021, 12:29:27 pm UTC) from SA

Summary HTTP 138 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 22 domains to perform 138 HTTP transactions. The main IP is 163.171.132.119, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is www.infosecurity-magazine.com.
TLS certificate: Issued by Thawte RSA CA 2018 on October 20th 2020. Valid for: a year.

This is the only time www.infosecurity-magazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.71.206 104.17.71.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
16	220.242.170.82 220.242.170.82	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	184.30.24.121 184.30.24.121	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:803::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
8	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
3	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2600:9000:205... 2600:9000:2050:1800:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
8	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	199.232.198.49 199.232.198.49	54113 (FASTLY) (FASTLY)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	185.221.86.34 185.221.86.34	206998 (NEW-2) (NEW-2)
138	34

1 104.17.71.206 (United States)

ASN13335 (CLOUDFLARENET, US)

pages.fireeye.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

www.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 220.242.170.82 (China)

ASN54994 (QUANTILNETWORKS, US)

res.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.30.24.121 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-121.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

infosecuritymagazine.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:2050:1800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.198.49 (United States)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.221.86.34 (Ireland)

ASN206998 (NEW-2, IE)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	disquscdn.com c.disquscdn.com a.disquscdn.com	745 KB
25	infosecurity-magazine.com www.infosecurity-magazine.com res.infosecurity-magazine.com assets.infosecurity-magazine.com	611 KB
14	googlesyndication.com db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	203 KB
12	disqus.com infosecuritymagazine.disqus.com disqus.com referrer.disqus.com	103 KB
12	google.com 1 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	169 KB
9	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	121 KB
5	cookielaw.org cdn.cookielaw.org	108 KB
5	googletagservices.com www.googletagservices.com	160 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	facebook.com www.facebook.com	312 B
2	google.de www.google.de adservice.google.de	906 B
2	facebook.net connect.facebook.net	97 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	addthis.com s7.addthis.com	190 KB
1	nr-data.net bam.eu01.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	onetrust.com geolocation.onetrust.com	408 B
1	addthisedge.com v1.addthisedge.com	436 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	fireeye.com pages.fireeye.com	1 KB
138	22

	Domain	Requested by
29	c.disquscdn.com	infosecuritymagazine.disqus.com disqus.com c.disquscdn.com
14	res.infosecurity-magazine.com	www.infosecurity-magazine.com res.infosecurity-magazine.com
9	disqus.com	infosecuritymagazine.disqus.com c.disquscdn.com
9	www.infosecurity-magazine.com	pages.fireeye.com www.infosecurity-magazine.com ajax.googleapis.com c.disquscdn.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net pages.fireeye.com
8	www.google.com	1 redirects www.infosecurity-magazine.com www.google.com securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	www.googletagservices.com	www.infosecurity-magazine.com securepubads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
2	a.disquscdn.com	www.infosecurity-magazine.com c.disquscdn.com
2	www.facebook.com	www.infosecurity-magazine.com connect.facebook.net
2	infosecuritymagazine.disqus.com	www.infosecurity-magazine.com infosecuritymagazine.disqus.com
2	connect.facebook.net	pages.fireeye.com connect.facebook.net
2	www.google-analytics.com	www.infosecurity-magazine.com
2	cse.google.com	www.infosecurity-magazine.com www.google.com
2	s7.addthis.com	www.infosecurity-magazine.com s7.addthis.com
2	assets.infosecurity-magazine.com	www.infosecurity-magazine.com
2	fonts.googleapis.com	www.infosecurity-magazine.com
1	referrer.disqus.com
1	bam.eu01.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.infosecurity-magazine.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	clients1.google.com	www.infosecurity-magazine.com
1	db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.infosecurity-magazine.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.infosecurity-magazine.com
1	ajax.googleapis.com	www.infosecurity-magazine.com
1	pages.fireeye.com
138	35

This site contains links to these domains. Also see Links.

Domain
www.infosecurityeurope.com
www.infosecurityleadersnetwork.com
www.infosecuritynorthamerica.com
www.infosecurity.nl
www.infosecurity.be
www.infosecurityrussia.ru
www.infosecuritymexico.com
www.infosecurityme.com
www.facebook.com
twitter.com
www.linkedin.com
www.fireeye.com
www.infosec.co.uk
privacy.reedexpo.com
www.intuitiv.net
www.relx.com

Subject Issuer	Validity	Valid
pages.fireeye.com Cloudflare Inc ECC CA-3	`2020-07-11` - `2021-07-11`	a year	crt.sh
*.infosecurity-magazine.com Thawte RSA CA 2018	`2020-10-20` - `2021-11-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-10` - `2021-08-02`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.eu01.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Frame ID: D99BBACB155699BAFC1EBE8C1A673376
Requests: 78 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyZRmYR645JoZ6YU1wyZ2lTdqal84izKEL9ikxRyFCZKbgQ86ZYw0oiIdpnz2HzrsmpC82IpUK0Cgzy8QH8rjs2M5iHE5KyPxS2AUwcz3iG0cD2Pf49RMLHXeh3rn0CaqJn8IJG8TL43JTQME_e6JqgPVW4jIXhL8WJO-Cp40MaXZyHUV6GYDBye344j0HMZobxxFZaIW7fU1zPIx9lP2rnGJ2DJOxigMqDQTYEn-CpRGw7uE2LxGME_CMkXHp6p9hEfWhMQS6gGptdmYls8bBG6wZ7nb5Fem8ioGKYnhJ0LhQoNgJM88M2wls1o9vEaARqY2fgvDBb_iNi0WStrMVbq4fX_QCzjMUmSSD1Vj2p8JM03TO_3CejPcg9g&sai=AMfl-YQDTS1Ob-q9AIR_JH0FRSZkGrfetEizayLvm12XkIDpgDZNdsOcRCpn7u4NhfSpLb8fFrIMVx2cDDQITH6A4nBbD3aEaADnDL8SRX7Y8cC_2BNEAu7oi0RZ1pDqVbg&sig=Cg0ArKJSzImAGVcUR0Z5EAE&adurl=
Frame ID: 0421056C8FA1EA253DE8746FD7E346FF
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmnxXHrP5HV1EcIgI6hv3u0vfv3WU2HKAbyix24WDwOunOcCk2eRHVCbhPgCDMB9ccw3GyL54giZkSJI30668HeKl6nW8Qpa1jQFhVOnBDlo4RPrnSqB4qfzsgwuAw_Q-LbccUx9TI2ZqybXdfLlyFLFR-BcMW4GsV-51omW1Kzxq0ELjix-bG7DP4Pv33D-5AgV2wMlgLVQLNyP_WTCakb_7RKXaHpNxT_Z4_gZruPL2O6MeG_lL8Bgy92RVJdeqSH6oJVXXXaygKs0ZzmUzRMhMJQbz45RxK8Sjd4b2XiLYFOcQaIvAOQaaMxhfZZRpF3eObl5m2k-xbaH-JE2ICIS9Kz5R1cweyFj_MUpkm7yb8LZDOZDM1x8PL0A&sai=AMfl-YRsp_R-Pbbdiqn1yZ-ypm0xBEoN9fknGUE-jVgt8TceXk_vf454yN98DeN9bNMTpiYLt0lEUf0kbxrGzfZOHw3MzW7GWrPuBhdtSaxYCGStP_tY7mR2aWhg5XMK18o&sig=Cg0ArKJSzB24w_9brxiPEAE&adurl=
Frame ID: 1D38050FBD040FFC172AB954DF39CB5B
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_og1uM42OGJFSCnUz4dbNeQtvhfkIVBx1NZvJyvag89ckPTlNoTwDIGizPH9njyN9nfHOrwlcHeDU8K7rgEj6k5MsIYIQK9xMEan8Tk9xpzSSReAdFwOj0tO23m1U9n-4lzcy3aBjP4FGcUqF3uP9QZHn4Q8kz-zo6gID203GuuX8kKF5T40yMaSLMlbj4WusONmFDyLo5Gkv9F5jXBRJYTDBS7U3ElsCZU2dbdWPxHf4iIsFCeqYS9HW2ZulNa7zQZs6pn8Ce0F6WN_vnBQ9VAPfZLxyb_gSTH074PX8YxnYu8auc4x12hB-FF6t9tg2pi2f20U4qMYWRy_15pfR1oveQPFdnliml5KjdcoJvo4-fhHkGOYFGuMZ&sai=AMfl-YQjNF2inHfS2L2Dsvose3bz9cFVfBaj6PqZgdK6oIjdY8Kr8S3hSL9r-iobKIa0RP4rVvjbGLfmzze6XLmMKmCAwaUtcY9G1gAsqgwalWSmboldjRUPGn6JtZlzWsk&sig=Cg0ArKJSzIR3uiRiflX9EAE&adurl=
Frame ID: B473B07E4E1A0DFBE70F0925137CC3E3
Requests: 6 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
Frame ID: 441F0F3C1E0EAE4B37DCFF112F3537B9
Requests: 19 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio
Frame ID: 3F999E454D5FA6877EF7C69BE9F7221E
Requests: 16 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 61C4D9725565169C3B0C5663F700EFA8
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: F5AE80C292009DE076C9F34043BEA530
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 3BA49D5648F3A13964CFABDE78326A43
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC60EEDBD560E16ABE9B2142B3939297
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSi... Page URL
https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

138
Requests

98 %
HTTPS

68 %
IPv6

22
Domains

35
Subdomains

34
IPs

6
Countries

2685 kB
Transfer

5562 kB
Size

13
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://www.infosecurityeurope.com/
Title: Infosecurity Europe

Search URL Search Domain Scan URL

URL: http://www.infosecurityleadersnetwork.com/en/Leadership-Summit1/
Title: Infosecurity Leadership Summit

Search URL Search Domain Scan URL

URL: http://www.infosecuritynorthamerica.com/
Title: Infosecurity North America

Search URL Search Domain Scan URL

URL: http://www.infosecurity.nl/
Title: Infosecurity Netherlands

Search URL Search Domain Scan URL

URL: http://www.infosecurity.be/
Title: Infosecurity Belgium

Search URL Search Domain Scan URL

URL: http://www.infosecurityrussia.ru/
Title: Infosecurity Russia

Search URL Search Domain Scan URL

URL: http://www.infosecuritymexico.com/
Title: Infosecurity Mexico

Search URL Search Domain Scan URL

URL: http://www.infosecurityme.com/
Title: Infosecurity Middle East

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Infosecurity-Magazine/210560332330063

Search URL Search Domain Scan URL

URL: https://twitter.com/InfosecurityMag

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?gid=2035794&trk=myg_ugrp_ovr

Search URL Search Domain Scan URL

URL: http://twitter.com/philmuncaster
Title: Follow @philmuncaster

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2021/05/unc2529-triple-double-trifecta-phishing-campaign.html
Title: security firm concluded.

Search URL Search Domain Scan URL

URL: http://www.infosec.co.uk/en/about/infosecurity-group/

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.intuitiv.net/website-design-and-development-services
Title: Intuitiv Custom Websites

Search URL Search Domain Scan URL

URL: https://www.relx.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk= Page URL
https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o HTTP 301
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

138 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk= Show response
pages.fireeye.com/ 522 B
1 KB 474ms
234ms Document
text/html 104.17.71.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.71.206 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07d19364f58e8be9a031a6a3d18a0cf791ecb6956aa2f17a5a0405a1d170a637

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: pages.fireeye.com
:scheme: https
:path: /ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:09 GMT
content-type: text/html
cache-control: private, no-cache, no-store, max-age=0
x-content-type-options: nosniff
vary: Accept-Encoding
set-cookie: BIGipServersj_mailtracking_http=!E/aHDyombiTk3femfApvaf9MEhiEHfJ7qybUnXjcz3nwIP+MSOGZpPq3AIKbjphp7yb/Nnb9JjJ8utQ=; path=/; Httponly; Secure __cf_bm=bfc98c90553a3c427301f2073d12ed5eeb6d6191-1622982549-1800-AW81CfyyqhQUTH+48BLpRD1ZmRo/u6FXxosQYnLpDEsgIVkErFOIrwgCslT5VjSThCVA7Db9TwsjsFClP1Bzows=; path=/; expires=Sun, 06-Jun-21 12:59:09 GMT; domain=.pages.fireeye.com; HttpOnly; Secure; SameSite=None
cf-cache-status: DYNAMIC
cf-request-id: 0a82e578780000ee6dd5097000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 65b1a5072a62ee6d-CDG
content-encoding: gzip

GET
H/1.1 200
OK Primary Request Cookie set / Show response
www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/ 63 KB
17 KB 2053ms
1972ms Document
text/html 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e9baeaf60a7668f0fa07b6654105515d869595eb0d3c92d01e8077f46c510588

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.infosecurity-magazine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://pages.fireeye.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://pages.fireeye.com/

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: private
Server: PWS/8.3.1.0.8
Set-Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Via: 1.1 PS-FRA-01BQV163:7 (W), 1.1 PS-FRA-01E6z147:6 (W), 1.1 PSdgflkfFRA2sg74:12 (W)
X-Px: ms PSdgflkfFRA2sg74FRA,ms PS-FRA-01E6z147FRA,ms PS-FRA-01BQV163FRA(origin)
X-Ws-Request-Id: 60bcbf95_PSdgflkfFRA2gb7_46709-22371
Content-Encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 9 KB
911 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

972c9c1da063aec229e5e8b8dfddf89a946b28b4cab8af4002d8cb12ec1399e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Jun 2021 12:29:11 GMT
server: ESF
date: Sun, 06 Jun 2021 12:29:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Jun 2021 12:29:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
428 B 29ms
27ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Jun 2021 12:13:51 GMT
server: ESF
date: Sun, 06 Jun 2021 12:29:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Jun 2021 12:29:11 GMT

GET
H/1.1 200
OK base.css
res.infosecurity-magazine.com/css-0012/ 22 KB
5 KB 121ms
25ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/base.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

678b8e1ba87a6638950278e0882372b8a5a19a999382c3cabb1e9e144b595e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Via: 1.1 PSfgblPAR2xf192:2 (W), 1.1 PSdgflkfFRA1yz203:8 (W), 1.1 kf41:3 (W)
X-Content-Type-Options: nosniff
Age: 1997695
Transfer-Encoding: chunked
X-Px: ht kf41FRA
Connection: keep-alive
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:12 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60bcbf97_kf43_191105-1667
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2764800
Expires: Wed, 17 Feb 2021 10:29:22 GMT

GET
H/1.1 200
OK colour-codes.css
res.infosecurity-magazine.com/css-0012/ 11 KB
2 KB 118ms
22ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/colour-codes.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1997695
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf97_kf43_192087-1614
Content-Length: 1354
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:12 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:0 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 09:34:16 GMT

GET
H/1.1 200
OK article.css
res.infosecurity-magazine.com/css-0012/ 12 KB
3 KB 119ms
23ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/article.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1997695
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf97_kf43_191968-55649
Content-Length: 2775
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PSdgflkfFRA1zm204:5 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 09:34:16 GMT

GET
H/1.1 200
OK whats-hot.css
res.infosecurity-magazine.com/css-0012/ 3 KB
1 KB 120ms
25ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/whats-hot.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1997695
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf97_kf43_192566-578
Content-Length: 834
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:4 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 09:34:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 20:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Jun 2022 20:52:38 GMT

GET
H/1.1 200
OK modernizr.js Show response
res.infosecurity-magazine.com/js-0012/ 2 KB
2 KB 120ms
24ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/modernizr.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:11 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000663
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf97_kf43_191890-38567
Content-Length: 1259
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1dt202:0 (W), 1.1 PS-FRA-01E6z147:2 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H/1.1 200
OK infosecurity-group.svg
www.infosecurity-magazine.com/_common/img/ 4 KB
5 KB 67ms
21ms Image
image/svg+xml 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/infosecurity-group.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PSygldLON2wq20:8 (W), 1.1 PShlamstdAMS1pu19:9 (W), 1.1 PSdgflkfFRA2sg74:13 (W)
X-Content-Type-Options: nosniff
Age: 362474
X-Px: ht PSdgflkfFRA2sg74FRA
Connection: keep-alive
Content-Length: 4256
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:20 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "bb3ed914cf8dd61:0"
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_46900-56037
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Accept-Ranges: bytes

GET
H/1.1 200
OK ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg
assets.infosecurity-magazine.com/profile/thumb/ 2 KB
3 KB 107ms
22ms Image
image/jpeg 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/profile/thumb/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4ca958cef450a74a99f7c5f676dd7b8267ff7d1c168cd28dc45b5b1d530391f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1912319
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191105-1673
Content-Length: 2107
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Wed, 04 Dec 2019 10:39:58 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "2c0BmoNNmocQrkHghluXZY3/CEdYJt6uNlvNCxM4OPw="
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Via: 1.1 PShlamstdAMS1lb17:9 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Link: <http://assets.infosecurity-magazine.com/profile/original/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg>; rel="canonical"
Expires: Wed, 16 Jun 2021 09:17:13 GMT

GET
H/1.1 200
OK relx-logo-2019.png
www.infosecurity-magazine.com/_common/img/ 10 KB
11 KB 69ms
22ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/relx-logo-2019.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PSygldLON4uq211:2 (W), 1.1 PSdgflkfFRA1zm204:10 (W), 1.1 PSdgflkfFRA2sg74:11 (W)
X-Content-Type-Options: nosniff
Age: 362474
X-Px: ht PSdgflkfFRA2sg74FRA
Connection: keep-alive
Content-Length: 10549
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "e8aa6214cf8dd61:0"
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_47308-1228
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H/1.1 200
OK underscore.min.js Show response
res.infosecurity-magazine.com/js-0012/ 15 KB
6 KB 23ms
23ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/underscore.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000664
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191105-1668
Content-Length: 5124
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:7 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H/1.1 200
OK unveil.js Show response
res.infosecurity-magazine.com/js-0012/ 603 B
994 B 22ms
22ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/unveil.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000664
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_192566-579
Content-Length: 366
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:4 (W), 1.1 kf148:2 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H/1.1 200
OK ticker.min.js Show response
res.infosecurity-magazine.com/js-0012/ 3 KB
2 KB 27ms
23ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ticker.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 1997696
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191890-38568
Content-Length: 1108
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:6 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 09:34:16 GMT

GET
H/1.1 200
OK tracking.js Show response
res.infosecurity-magazine.com/js-0012/ 873 B
1 KB 27ms
23ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/tracking.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

db606689388acdc641b527e6ea307c11af962f7e14c3c6e9e7fc76fe264a3717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000664
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_192566-581
Content-Length: 450
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:7 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H/1.1 200
OK ism.js Show response
res.infosecurity-magazine.com/js-0012/ 4 KB
2 KB 26ms
22ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

74192712778ebae4770b6a5b5f6d6b0f914680673d647b791f4ffa979dc2b95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000664
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191968-55650
Content-Length: 1845
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1yz203:7 (W), 1.1 PS-FRA-01E6z147:1 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 30ms
10ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 06 Jun 2021 12:29:12 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK ism.whatshot.js Show response
res.infosecurity-magazine.com/js-0012/ism/ 810 B
970 B 27ms
22ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism/ism.whatshot.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 2000664
X-Px: ht kf41FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191105-1670
Content-Length: 358
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1dt202:9 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:44:48 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v17/ 30 KB
30 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v17/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 01:46:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:59:57 GMT
server: sffe
age: 470547
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30296
x-xss-protection: 0
expires: Wed, 01 Jun 2022 01:46:45 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
40 KB 24ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5d2bbf53a08ced8ba400fee5919484d5a12371fe8994c84b97ac7d84213b436

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41345
x-xss-protection: 0
last-modified: Sun, 06 Jun 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 38ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "894 / 517 of 1000 / last-modified: 1622844533"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21347
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

10 KB
4 KB

65ms
45ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

02012a7f72db1a9cda3e6d977d491fcd365ee56f9fac969dc6e537a9c51553f4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3440
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

Redirect headers

date: Sun, 06 Jun 2021 12:01:41 GMT
x-content-type-options: nosniff
server: sffe
age: 1651
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
cache-control: public, max-age=1800
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:31:41 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4669
date: Sun, 06 Jun 2021 11:11:23 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sun, 06 Jun 2021 13:11:23 GMT

GET
H/1.1 200
OK rounded-rectangle.png
res.infosecurity-magazine.com/img/ 185 B
754 B 22ms
22ms Image
text/plain 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/rounded-rectangle.png

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PShlamstdAMS1lb17:8 (W), 1.1 PS-FRA-01E6z147:1 (W), 1.1 kf41:3 (W)
X-Content-Type-Options: nosniff
Age: 1999984
X-Px: ht kf41FRA
Connection: keep-alive
Content-Length: 185
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:20 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60bcbf98_kf43_192087-1616
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:56:08 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 16ms
13ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 06:30:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
age: 453509
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
expires: Wed, 01 Jun 2022 06:30:43 GMT

GET
H/1.1 200
OK bg-header-circuit.png
res.infosecurity-magazine.com/img/ 51 KB
52 KB 24ms
23ms Image
text/plain 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/bg-header-circuit.png

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PShlamstdAMS1qj18:5 (W), 1.1 kf160:4 (W), 1.1 kf41:3 (W)
X-Content-Type-Options: nosniff
Age: 1997696
X-Px: ht kf41FRA
Connection: keep-alive
Content-Length: 52513
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60bcbf98_kf43_191105-1671
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 09:34:16 GMT

GET
H/1.1 200
OK sprite.svg
res.infosecurity-magazine.com/img/ 389 KB
389 KB 35ms
34ms Image
image/svg+xml 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/sprite.svg

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PSygldLON2sq21:2 (W), 1.1 PSdgflkfFRA1dt202:10 (W), 1.1 kf41:3 (W)
X-Content-Type-Options: nosniff
Age: 1999984
X-Px: ht kf41FRA
Connection: keep-alive
Content-Length: 398205
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60bcbf98_kf43_192087-1617
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Cache-Control: public, max-age=2764800
Expires: Tue, 15 Jun 2021 08:56:08 GMT

GET
H/1.1 200
OK 8c6dbfd8-768a-49a1-99e5-c32bced33757.jpg
assets.infosecurity-magazine.com/webpage/feat/ 89 KB
89 KB 84ms
28ms Image
image/jpeg 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/webpage/feat/8c6dbfd8-768a-49a1-99e5-c32bced33757.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

2b36b5dbbf62d4165ba63f0c66f5253c0bed0bf64979a36f3de7fdf55e41708b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Px: ms kf41FRA,ht PS-FRA-01nxn162FRA
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_kf43_191968-55651
Content-Length: 90746
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Wed, 05 May 2021 09:06:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "zEEm9JBzDyQ35XpBafP6ZoIkmGlhxrRoTE0/D08erFw="
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Via: 1.1 PS-FRA-01nxn162:10 (W), 1.1 kf41:3 (W)
Cache-Control: public, max-age=2764800
Link: <http://assets.infosecurity-magazine.com/webpage/original/8c6dbfd8-768a-49a1-99e5-c32bced33757.jpg>; rel="canonical"
Expires: Fri, 18 Jun 2021 08:00:44 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 14:20:23 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
age: 425329
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
expires: Wed, 01 Jun 2022 14:20:23 GMT

GET
H/1.1 200
OK Cookie set / Show response
www.infosecurity-magazine.com/webpage-view/ 0
634 B 69ms
66ms XHR
text/plain 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/webpage-view/?webpageId=129571

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b; _ga=GA1.2.1716994379.1622982552; _gid=GA1.2.1939633093.1622982552
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PShlamstdAMS1qj18:5 (W), 1.1 PSdgflkfFRA2sg74:14 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Set-Cookie: ISM.Visitor=vid=1466c33d-4b2c-470c-8c05-bf6499fe31d9; expires=Wed, 07-Jul-2021 12:29:12 GMT; path=/
Cache-Control: private
X-Px: ms PSdgflkfFRA2sg74FRA,ms PShlamstdAMS1qj18AMS(origin)
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_46900-56039
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
98 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-7632735-1&cid=1716994379.1622982552&jid=1914048580&gjid=1380999431&_gid=1939633093.1622982552&_u=IGBAgAADAAAAAE~&z=1092588482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 06 Jun 2021 12:29:12 GMT
content-type: text/plain
access-control-allow-origin: https://www.infosecurity-magazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=600992876&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&dr=https%3A%2F%2Fpages.fireeye.com%2F&ul=en-us&de=UTF-8&dt=Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAD~&jid=1914048580&gjid=1380999431&cid=1716994379.1622982552&tid=UA-7632735-1&_gid=1939633093.1622982552&z=1275778261

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 05 Jun 2021 18:48:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63654
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 38ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 56ms
19ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15336
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 360 B
954 B 50ms
50ms XHR
application/json 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=disqus&id=129571

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b; _ga=GA1.2.1716994379.1622982552; _gid=GA1.2.1939633093.1622982552; _gat=1
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 kf161:1 (W), 1.1 PS-FRA-01E6z147:0 (W), 1.1 PSdgflkfFRA2gb73:14 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA2gb73FRA,ms PS-FRA-01E6z147FRA,ms kf161FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_47308-1232
Content-Length: 360
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 248 B
843 B 51ms
48ms XHR
application/json 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=acctbtns&time=1622982552202

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b; _ga=GA1.2.1716994379.1622982552; _gid=GA1.2.1939633093.1622982552; _gat=1
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 kf161:1 (W), 1.1 PS-FRA-01E6z147:0 (W), 1.1 PSdgflkfFRA2gb73:14 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA2gb73FRA,ms PS-FRA-01E6z147FRA,ms kf161FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_47153-65031
Content-Length: 248
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/nav/mobile/ 5 KB
5 KB 75ms
48ms XHR
text/html 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/nav/mobile/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=nz0sqx4hsl22zrplj1fd553b; _ga=GA1.2.1716994379.1622982552; _gid=GA1.2.1939633093.1622982552; _gat=1
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PS-FRA-01nxn162:8 (W), 1.1 PS-FRA-01E6z147:8 (W), 1.1 PSdgflkfFRA2sg74:5 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA2sg74FRA,ms PS-FRA-01E6z147FRA,ms PS-FRA-01nxn162FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_46900-56044
Content-Length: 4899
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4d79fed038d59786/ 483 B
436 B 197ms
196ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4d79fed038d59786/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-121.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
etag: -1567020332--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=58, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 260

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 29ms
12ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H8Znzy3Akix+HhQXpXQuNw==
age: 5262
vary: Accept-Encoding
content-length: 5809
cf-request-id: 0a82e582ad00004ece09958000000001
x-ms-lease-status: unlocked
last-modified: Tue, 01 Jun 2021 19:18:08 GMT
server: cloudflare
etag: 0x8D92531FD64E522
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7369169e-701e-001d-06c3-5a010c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65b1a517792d4ece-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 37ms
12ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24155
x-fb-rlafr: 0
pragma: public
x-fb-debug: B5DcGDtWB6kPih52UacMuvs8i6o2l1/bECxhmNuSFCIP6fvr1aH5NNBUx1HWim3FHdhOzZoEYFa9bLvfW+hAVA==
x-fb-trip-id: 1709462857
x-frame-options: DENY
date: Sun, 06 Jun 2021 12:29:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-7632735-1&cid=1716994379.1622982552&jid=1914048580&_u=IGBAgAADAAAAAE~&z=1636520677

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-7632735-1&cid=1716994379.1622982552&jid=1914048580&_u=IGBAgAADAAAAAE~&z=1636520677

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:45:17 GMT

GET
H3-29 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 7ms
6ms Stylesheet
text/css 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 06 Jun 2022 11:45:17 GMT

GET
H3-29 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
1 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 11:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Jun 2021 12:35:17 GMT

GET
H/1.1 200
OK embed.js Show response
infosecuritymagazine.disqus.com/ 74 KB
24 KB 49ms
15ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecuritymagazine.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

aa50c7a1895457784d07961e49bd9912e777dbe8fae1310abf10792606052a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
Server: openresty
Age: 63
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24597

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 42ms
22ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 35ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 49 KB
11 KB 79ms
64ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3247922016535234&correlator=1107733603501568&output=ldjh&impl=fifs&eid=31060784%2C31061143%2C44740387&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210606&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cglobal-phishing-campaign-drops-new&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%2C728x90%2C728x90&cust_params=topics%3DData%2520Protection%252CMalware%252CPhishing%252CThreat%2520Intelligence&cookie_enabled=1&bc=31&abxe=1&lmt=1622982552&dt=1622982552308&dlt=1622982551947&idt=341&frm=20&biw=1600&bih=1200&oid=3&adxs=1022%2C250%2C622&adys=812%2C68%2C1815&adks=2608124609%2C225845157%2C2042032310&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&ref=https%3A%2F%2Fpages.fireeye.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=356x983%7C1100x0%7C728x51&msz=356x56%7C728x90%7C728x0&ga_vid=1716994379.1622982552&ga_sid=1622982552&ga_hid=600992876&ga_fc=false&fws=128%2C128%2C128&ohw=0%2C0%2C0&btvi=0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

923d150c3d48fb89869b13377e11378e1a8de82d48e4281f95869d0ad945bbf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11334
x-xss-protection: 0
google-lineitem-id: 5709002318,5709002318,29373892
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351487884,138351817684,138347657421
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.infosecurity-magazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 6b575081-117f-49ba-bff7-347875107505.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/ 3 KB
2 KB 42ms
26ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f2954f62d214e6071faac26ee729343e6e2daee732a017a1fd45cb26ede64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xRqYQR7/U+dzRX/LS9DqZg==
age: 2202
vary: Accept-Encoding
content-length: 1158
cf-request-id: 0a82e583170000c2f4ac12d000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Apr 2021 18:43:33 GMT
server: cloudflare
etag: 0x8D909AC5C247538
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b79ec9b3-501e-0001-719d-3bd91b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65b1a5182dbac2f4-FRA

GET
H3-29 200 580638648955413 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 65ms
51ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580638648955413?v=2.9.40&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0445777080cbd7e5753a7a712af7e11bdbeaf665c15c1bdafefcd072b038d0b7

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: /YQ09+x6CSu5WBR8zUiHrtefWBqtA/7PZgMzXcsm6sWB/uF8U/jZu2VVSCOY0fZNFOi+V8YZBvm52nPGxZXUGw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 06 Jun 2021 12:29:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 180 KB
62 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c42e757b8de43c15a18cd56d0f44b8688ddfcfe687ced5bb3e9b683651330933

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "13974221484588874479"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 19:47:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 405720
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Wed, 01 Jun 2022 19:47:12 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
182 B 26ms
5ms Image
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
408 B 46ms
26ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 65b1a5188992dff7-FRA
cf-request-id: 0a82e5835b0000dff781b4f000000001

GET
H2 200 lounge.7dd5a93aa81cda49c533d8058d1faba1.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 72ms
25ms Other
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243916
x-cache: Hit from cloudfront
content-length: 25527
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 03 Jun 2021 16:28:34 GMT
server: nginx
etag: "60b90332-63b7"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 03 Jun 2022 16:43:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: G-DQhKWoj8BIpnwfp0-zAhJF0dBxv_n7Rl56u7x_G-1g0hhMTduviw==
x-cache-hits: 0

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js
c.disquscdn.com/next/embed/ 0
93 KB 72ms
26ms Other
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 09:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2775068
x-cache: Hit from cloudfront
content-length: 94786
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-17242"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 09:38:04 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: YFTGXU66nF6Yo3jBNlgukH9sqOg6WoyKvTV4OZ9HDy1El7PWVQiZ_Q==
x-cache-hits: 0

GET
H2 200 lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js
c.disquscdn.com/next/embed/ 0
118 KB 72ms
26ms Other
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243916
x-cache: Hit from cloudfront
content-length: 120149
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 03 Jun 2021 16:28:34 GMT
server: nginx
etag: "60b90332-1d555"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 03 Jun 2022 16:43:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: beC3pygRxMxTFVsjde6bqE7d-TqeBMu4n-Sj_GEBis0JWSRNrrdCwQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 33ms
11ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 16
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11848
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
infosecuritymagazine.disqus.com/ 62 KB
21 KB 153ms
151ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecuritymagazine.disqus.com/recommendations.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

d095a10edaad6211950687f096747c692e1785b2959c81ad51d8cca4e8e87c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20725

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0421 0
0 43ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyZRmYR645JoZ6YU1wyZ2lTdqal84izKEL9ikxRyFCZKbgQ86ZYw0oiIdpnz2HzrsmpC82IpUK0Cgzy8QH8rjs2M5iHE5KyPxS2AUwcz3iG0cD2Pf49RMLHXeh3rn0CaqJn8IJG8TL43JTQME_e6JqgPVW4jIXhL8WJO-Cp40MaXZyHUV6GYDBye344j0HMZobxxFZaIW7fU1zPIx9lP2rnGJ2DJOxigMqDQTYEn-CpRGw7uE2LxGME_CMkXHp6p9hEfWhMQS6gGptdmYls8bBG6wZ7nb5Fem8ioGKYnhJ0LhQoNgJM88M2wls1o9vEaARqY2fgvDBb_iNi0WStrMVbq4fX_QCzjMUmSSD1Vj2p8JM03TO_3CejPcg9g&sai=AMfl-YQDTS1Ob-q9AIR_JH0FRSZkGrfetEizayLvm12XkIDpgDZNdsOcRCpn7u4NhfSpLb8fFrIMVx2cDDQITH6A4nBbD3aEaADnDL8SRX7Y8cC_2BNEAu7oi0RZ1pDqVbg&sig=Cg0ArKJSzImAGVcUR0Z5EAE&adurl=

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 0421 2 KB
2 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 12:27:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0421 122 KB
37 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 0421 0
0 15ms
14ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaReNG04_19IOrTIL6OGTkTgiBXzNkE3i0GHV_cKH8Ftdtas8veDjgSnhbJwCt_wWbjN9sn4
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 6745815805684845354
tpc.googlesyndication.com/simgad/ Frame 0421 98 KB
98 KB 40ms
17ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6745815805684845354

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a792cfdb1d9ae16679db87e04deb24aeaf9d3a81459a26b792ba96b25735bfa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 09:29:55 GMT
x-content-type-options: nosniff
age: 356357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100474
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 09:08:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 09:29:55 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D38 0
0 42ms
41ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstmnxXHrP5HV1EcIgI6hv3u0vfv3WU2HKAbyix24WDwOunOcCk2eRHVCbhPgCDMB9ccw3GyL54giZkSJI30668HeKl6nW8Qpa1jQFhVOnBDlo4RPrnSqB4qfzsgwuAw_Q-LbccUx9TI2ZqybXdfLlyFLFR-BcMW4GsV-51omW1Kzxq0ELjix-bG7DP4Pv33D-5AgV2wMlgLVQLNyP_WTCakb_7RKXaHpNxT_Z4_gZruPL2O6MeG_lL8Bgy92RVJdeqSH6oJVXXXaygKs0ZzmUzRMhMJQbz45RxK8Sjd4b2XiLYFOcQaIvAOQaaMxhfZZRpF3eObl5m2k-xbaH-JE2ICIS9Kz5R1cweyFj_MUpkm7yb8LZDOZDM1x8PL0A&sai=AMfl-YRsp_R-Pbbdiqn1yZ-ypm0xBEoN9fknGUE-jVgt8TceXk_vf454yN98DeN9bNMTpiYLt0lEUf0kbxrGzfZOHw3MzW7GWrPuBhdtSaxYCGStP_tY7mR2aWhg5XMK18o&sig=Cg0ArKJSzB24w_9brxiPEAE&adurl=

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame 1D38 2 KB
1 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 12:27:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1D38 122 KB
37 KB 28ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 16852085848251854040
tpc.googlesyndication.com/simgad/ Frame 1D38 37 KB
37 KB 33ms
14ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16852085848251854040

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

202022fc5e67edf183fd27c0cd0bbea87ffc4c171a2069c85a29722ba70ae63e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 02 Jun 2021 09:29:55 GMT
x-content-type-options: nosniff
age: 356357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37739
x-xss-protection: 0
last-modified: Wed, 02 Jun 2021 09:08:47 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Jun 2022 09:29:55 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B473 0
0 41ms
40ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_og1uM42OGJFSCnUz4dbNeQtvhfkIVBx1NZvJyvag89ckPTlNoTwDIGizPH9njyN9nfHOrwlcHeDU8K7rgEj6k5MsIYIQK9xMEan8Tk9xpzSSReAdFwOj0tO23m1U9n-4lzcy3aBjP4FGcUqF3uP9QZHn4Q8kz-zo6gID203GuuX8kKF5T40yMaSLMlbj4WusONmFDyLo5Gkv9F5jXBRJYTDBS7U3ElsCZU2dbdWPxHf4iIsFCeqYS9HW2ZulNa7zQZs6pn8Ce0F6WN_vnBQ9VAPfZLxyb_gSTH074PX8YxnYu8auc4x12hB-FF6t9tg2pi2f20U4qMYWRy_15pfR1oveQPFdnliml5KjdcoJvo4-fhHkGOYFGuMZ&sai=AMfl-YQjNF2inHfS2L2Dsvose3bz9cFVfBaj6PqZgdK6oIjdY8Kr8S3hSL9r-iobKIa0RP4rVvjbGLfmzze6XLmMKmCAwaUtcY9G1gAsqgwalWSmboldjRUPGn6JtZlzWsk&sig=Cg0ArKJSzIR3uiRiflX9EAE&adurl=

Requested by

Host: pages.fireeye.com
URL: https://pages.fireeye.com/ODQ4LURJRC0yNDIAAAF9b99fPRm0zIsaOkeDotGDD6QHKmJgnSzczo6jo2HQ8dK4XF_R3fth_jSis1vK9WKiRO-mezk=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/ Frame B473 2 KB
1 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210601/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Jun 2021 12:27:26 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B473 122 KB
37 KB 25ms
16ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622806011323838"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37960
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 8368818907676551129
tpc.googlesyndication.com/simgad/ Frame B473 38 KB
39 KB 22ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8368818907676551129

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7625af3731123af3500658039a05ba9b38bb23e1ad8c8d7cfda30bcd410fd008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 01 Jun 2021 22:06:38 GMT
x-content-type-options: nosniff
age: 397354
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39264
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 10:38:09 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Jun 2022 22:06:38 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 36ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1622805992319560"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28149
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 17ms
14ms Script
application/javascript 184.30.24.121
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.24.121 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-24-121.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 06 Jun 2021 12:29:12 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.17.0/ 377 KB
84 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 66Z8bY5FXXAAikIS37tpYA==
age: 3826926
vary: Accept-Encoding
content-length: 85833
cf-request-id: 0a82e5837d00004ecef11d3000000001
x-ms-lease-status: unlocked
last-modified: Tue, 20 Apr 2021 14:24:16 GMT
server: cloudflare
etag: 0x8D90407FA712F62
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e70f6f2c-901e-0017-5401-381885000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65b1a518ccd44ece-FRA
expires: Mon, 14 Jun 2021 12:29:12 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1D38 0
0 56ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstEylQvWkhISCqAw0OhfnvajRsJ-iPWQ155-_bzeuFyRh7Ux90al_e5jytj21xKzsHislkzIDwcSJWl0SqeTowDhWOXi8eI0WMnMSma7gHKH1yNsnxB_qwOfjowVCmSCw4UBynV_TpvUvRlMo0lMGqG1oTHSMfMLRNMGDFKNSdA62Pbov2h1CwjJgrMYw2X0ykaMGLOMBND1tS_WNxGagOYa7eF2UMJ1DVhIJX9SasuOJf3H6hGZIW9MK2NUaJij3aT4WuX1EdPyxxm6ydPHMuKOogFbLTT_XOAI9mwqufKjB5vM_21yFXlIugO0JWF7iVKXeUEkhcGEd56nbvb_JsGz_MgwXTEoOYMTS3AqlGOg-Mgt--Tb39DoCpRFHOe&sai=AMfl-YQ3bDQBMYFHfQJ_s3j6vaoYd3zDVPjcd0XinIjOJIQLghE2fO0HRXp8KHddG1PPfzF_1o138g8D6h80NSbX5LuGXU9lvTAkDxwaJYz9uyjc3XJqQBU7FMLYt5j8Ews&sig=Cg0ArKJSzEJefcss_78REAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
DATA 200
OK truncated
/ Frame 1D38 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7051b308ba8263ba7a453b9c3036eaaa3b8734b3adec537ddc89468acac5d86

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B473 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubEvzsG6HfrRcDKPHKcMSDFOe6Or_5dB_CdsV9WtKv2SVzDZvPS0Bq3Dc3-4j7NTQqFcdXplwWkwjLSvWfFzEavDYHYiglsEXnCAb118yZ8aj1Y9c7s93OK84HjLW4Ta1RqobrsBwS4dvRcIcI9JwuKtB-8gvCehXkycMJh0bXxAlCXAkOZYaal_LYUlNzARJFOGl7efn1wELkiw-BkVpaQioQ8sWR_dtXUxCju9iAWQgNHsvYOhRZ8a6CBdcNE3esCotScqUia942ShxLguyWoIl3PkzwoNf01J4go5Tg39LqZsYINko79DtNDCgc1K8y0gHvfEuSzKQADvEaBFp2dAnVec0wM5_ScpIA7mUhlry7vwCx49NX-ZITcs0&sai=AMfl-YRdej0b1j-1ipzPaAinKFnmOSkABF4jqA8BJTPlU40rtp4lH7of_pY6ZmHbo3kYQ7-C8AyKku3-kfRPrYbbw5Lg56zTq7M0Ak19OPA46Ze84l2o4bmOca-pOuE45BM&sig=Cg0ArKJSzEMuIlQEaJjSEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
DATA 200
OK truncated
/ Frame B473 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49850e729150548475fa57ef13507f6654e0deb5bc32397c225c3cf499b4d0f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0421 0
0 41ms
41ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZfKOg6n3xUsmagCwmGH0ozI657QgFrTz43rHV-moVomi6AVCNsxRPfYThArn3dANhL6_FzHD5mMPyqfiyIjiVtV4oKUuo9ZyUL-QN5-J9xcZM_aZsiFg3t86ykP0SPJpTBv3EjpMU9Dq3F0Eg5T82QMzn7EduChxqEk3niX8t493uuUip850mesjMHEB9gmQvX5dWBnWWIPcC7NeJmgyOxZ_aQD2aiM_OAVOZA9Tm4m3ksJSSOroIDF8WPLAIuswQjKQzVsSNVtt2z7DLqd4CdC9FQXQD1bPUptc5uuoM81VWdGw0WTzEJbe2x5Pk1oY-K2VMFXydCIu1rHszb9Bxo2KjYvywKZO8yHl8foEsl_DJG1noEr8O6twkxmvO&sai=AMfl-YRlIfNUZEUEzjf2Ki4n_cvSqg5SacExlzeeWtfRN-nsJpZ_LEvGKzMF242fWvkaP2bqR7aItVrKjtFmFLF6g1EvhSjbw2Sw_403slHdqMxoe4cauluIHIezaCjO3x8&sig=Cg0ArKJSzKmJRvhQT2nEEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
DATA 200
OK truncated
/ Frame 0421 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06c76fa2fa8352282e95b5b12578d5802fd8d403867709004298aac667072843

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 441F 7 KB
4 KB 181ms
181ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

7ac394c36998d2c5dc1d5d4158befa60b8a4db8988371e171a5c4086f70c9fbb

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.infosecurity-magazine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

Connection: keep-alive
Content-Length: 2894
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sun, 06 Jun 2021 12:29:12 GMT
ETag: W/"lounge:view:8576714838.e6676420ca4fe797fd7636bd80209e35.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 06 Jun 2021 12:29:12 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 37ms
12ms Image
image/gif 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&rl=https%3A%2F%2Fpages.fireeye.com%2F&if=false&ts=1622982552576&sw=1600&sh=1200&v=2.9.40&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1622982552575.1477319109&it=1622982552365&coo=false&exp=l0&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sun, 06 Jun 2021 12:29:12 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/e331b800-e0ae-45a2-87fa-0bfa145c8342/ 49 KB
12 KB 16ms
16ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/e331b800-e0ae-45a2-87fa-0bfa145c8342/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f8e5b2015a0326a411109736edc0b0db208cb9019e2befdf6c6fdf3ee1bb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zbG9+Yt6M0Rp2xLklQj4Bw==
age: 5020
vary: Accept-Encoding
content-length: 12585
cf-request-id: 0a82e584240000c2f4f23a7000000001
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 16:24:40 GMT
server: cloudflare
etag: 0x8D8FAAACFB9E3E2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c06cd5af-601e-002b-4536-36ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65b1a519d991c2f4-FRA

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 20ms
19ms Other
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2695004
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: -3G1YQbuaLIF5hiv6NuUpRMws2-3spzyv-tss1nqM--ezqNqaGibHw==
x-cache-hits: 0

GET
H2 200 common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js
c.disquscdn.com/next/recommendations/ 0
87 KB 20ms
20ms Other
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2695093
x-cache: Hit from cloudfront
content-length: 88873
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-15b29"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:50:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: qRLlIMblh3LU_3A0PozQS8cG7ngjbShTMVKlK60x8Fw5B3wb-oiCqw==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.ddbe52aded335130c3d3c3842883fb53.js
c.disquscdn.com/next/recommendations/ 0
20 KB 20ms
20ms Other
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.ddbe52aded335130c3d3c3842883fb53.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091216
x-cache: Hit from cloudfront
content-length: 20082
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-4e72"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: BBOYYHgcevqvcoEdbDInuVthUkC2avqCh66wRiCB9Ox9DeKs9qS7GQ==
x-cache-hits: 0

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 9 KB
3 KB 21ms
21ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sun, 06 Jun 2021 12:29:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DYIWRFwWAxeWZ0Ct/hqpNg==
age: 3430028
vary: Accept-Encoding
content-length: 2571
cf-request-id: 0a82e584420000c2f4e7836000000001
x-ms-lease-status: unlocked
last-modified: Mon, 26 Apr 2021 19:14:40 GMT
server: cloudflare
etag: 0x8D908E78AB6AC3E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 75c138e2-401e-0133-509d-3bc79e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 65b1a51a09fdc2f4-FRA
expires: Mon, 14 Jun 2021 12:29:12 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 3F99 5 KB
3 KB 123ms
115ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cbfd8ccd6237554fcd3888574ef3563bc3bf99f8bf436e1be22177fb732ac1ce

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.infosecurity-magazine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

Connection: keep-alive
Content-Length: 2321
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sat, 12 Dec 2020 06:41:32 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sun, 06 Jun 2021 12:29:12 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.b06622a6e3fd9296f06333edfc7c6158.js Show response
c.disquscdn.com/next/embed/ Frame 441F 1 KB
1 KB 67ms
26ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.b06622a6e3fd9296f06333edfc7c6158.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

69c568574ef4c2f962f56527e4331215707c3b593bc4738428d44f332472553a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:43:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243917
x-cache: Hit from cloudfront
content-length: 532
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 03 Jun 2021 16:28:34 GMT
server: nginx
etag: "60b90332-214"
content-type: application/javascript; charset=utf-8
via: 1.1 d78805a0dcdbb4f0c955095c7c1a0fb6.cloudfront.net (CloudFront)
expires: Fri, 03 Jun 2022 16:43:55 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: ogUwBkaxy9MFvJIx10AGUrG_N7C-Oi2vxS6Dr95r0KX_2wFvAW8tqA==
x-cache-hits: 0

GET
H2 200 common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js Show response
c.disquscdn.com/next/embed/ Frame 441F 282 KB
93 KB 20ms
19ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.b06622a6e3fd9296f06333edfc7c6158.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 09:38:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2775068
x-cache: Hit from cloudfront
content-length: 94786
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-17242"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Thu, 05 May 2022 09:38:04 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: -5WvWfyaEA8Yjc6X1CJDv94pMP7eDDaodQkLxFfYQiG6O4rJSjJ_sQ==
x-cache-hits: 0

GET
H2 200 lounge.7dd5a93aa81cda49c533d8058d1faba1.css
c.disquscdn.com/next/embed/styles/ Frame 441F 158 KB
26 KB 20ms
19ms Stylesheet
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2bc57421f19fce18fec9e0467ea2ebc42f12c05b8d7e12b5032363040b085729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243916
x-cache: Hit from cloudfront
content-length: 25527
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 03 Jun 2021 16:28:34 GMT
server: nginx
etag: "60b90332-63b7"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 03 Jun 2022 16:43:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: h81a8VUANyfT8JRba5-Fb-e4vaTOXzQSBBDVMpBLT6gnsWIPcFysGg==
x-cache-hits: 0

GET
H2 200 recommendations.load.5e64a36d92bdec1085dcfe793028fa46.js Show response
c.disquscdn.com/next/recommendations/ Frame 3F99 923 B
1018 B 19ms
19ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.5e64a36d92bdec1085dcfe793028fa46.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3ace2496537978b01d16bb8757bd588a3eeaea8d68548e13dbef12e27d413e3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091214
x-cache: Hit from cloudfront
content-length: 447
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-1bf"
content-type: application/javascript; charset=utf-8
via: 1.1 d78805a0dcdbb4f0c955095c7c1a0fb6.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: hoo-ErsDIU2xiHNxDoliUYLtHHWcLacZCA7RbCGmlM7x6g8P5zuj9g==
x-cache-hits: 0

GET
H2 200 lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js Show response
c.disquscdn.com/next/embed/ Frame 441F 466 KB
118 KB 20ms
19ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58ed79f527eff1cb0fa189c78b0ff638632baa26d6933ac3ae6b711b6e584462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 03 Jun 2021 16:43:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243916
x-cache: Hit from cloudfront
content-length: 120149
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 03 Jun 2021 16:28:34 GMT
server: nginx
etag: "60b90332-1d555"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 03 Jun 2022 16:43:56 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: 6D0p0F5jGi6QrQKHhwS4AvXZoGN8m4knTnuxQ8vWUDyCzDE_OVU9qQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 441F 12 KB
12 KB 7ms
7ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3996bbffc767d98d55b0c72079ac2aec9b17e1d89bc063712ef2c2b908794c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 16
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11848
X-XSS-Protection: 1; mode=block

GET
H2 200 common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js Show response
c.disquscdn.com/next/recommendations/ Frame 3F99 262 KB
87 KB 20ms
20ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.5e64a36d92bdec1085dcfe793028fa46.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:50:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2695093
x-cache: Hit from cloudfront
content-length: 88873
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-15b29"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:50:59 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: zjFjaBBdvEgUoSOpixi_l1QeF5h3pejSuAMGwdztcdtr5113aFR1rQ==
x-cache-hits: 0

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 441F 3 KB
3 KB 111ms
111ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=infosecuritymagazine&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

708fa81fa092fa20d9e76abc1e768c5cd4334e15c56a48c6953a46911f763405

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3069
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK threadDetails.json Show response
disqus.com/api/3.0/embed/ Frame 441F 36 B
419 B 114ms
114ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/embed/threadDetails.json?thread=8576714838&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.f485ba8b89bf2153fdb9f493ec342aed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
X-Requested-With: XMLHttpRequest
X-Disqus-Publisher-API-Key: 0JINRPVhFn1P1qPXUgbEdOMtGkffd8fTwQwnBtgG8Z5ljCZbwDI0Xfi1ABLYrTk6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Disqus-Remote-Auth: ({})

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 36
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1622046247/images/ Frame 441F 2 KB
2 KB 70ms
20ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622046247/images/noavatar92.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 932683
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: CDG52-P2
content-type: image/png
content-length: 1644
x-amz-cf-id: KnOwxjqlWdGpttydQCsKxiyUoyC5c-Zd8Oxbg_lVEakCuH96gVbIjg==
expires: Fri, 25 Jun 2021 17:24:30 GMT

GET
DATA 200
OK truncated
/ Frame 441F 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK disqus-login.png
www.infosecurity-magazine.com/_common/img/ Frame 441F 4 KB
5 KB 23ms
23ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/disqus-login.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Sun+Jun+06+2021+14%3A29%3A12+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=75a38b79-71a9-49a7-bbf5-c0f421f28a8f&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Connection: keep-alive
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:12 GMT
Via: 1.1 PSygldLON2sq21:3 (W), 1.1 PShlamstdAMS1lb17:0 (W), 1.1 PSdgflkfFRA2lp71:13 (W)
X-Content-Type-Options: nosniff
Age: 349495
X-Px: ht PSdgflkfFRA2lp71FRA
Connection: keep-alive
Content-Length: 4554
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "62a47914cf8dd61:0"
X-Ws-Request-Id: 60bcbf98_PSdgflkfFRA2gb7_46900-56073
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 441F 13 KB
13 KB 20ms
20ms Image
image/svg+xml 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:39:51 GMT
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3296961
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 29 Apr 2022 08:39:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fJk1XXLVbTvIjKQPNSNmSv3JWD3ZOGB94uHs27IAS3UhX-T3ytJ8AQ==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 441F 3 KB
3 KB 20ms
19ms Image
image/gif 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:01:22 GMT
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2892470
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Wed, 04 May 2022 01:01:22 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _qZi_SnhHWYAX5n8r_ktNwYE2QfQDuTdQrlROMOVqVUfFDih0mgGmA==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 441F 2 KB
2 KB 21ms
20ms Image
image/png 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:17:18 GMT
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2718714
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-746"
content-type: image/png
access-control-allow-origin: *
expires: Fri, 06 May 2022 01:17:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ZsR3Hwq81fPjH3kfcFnEV5JSEZ7vTIBlSMfeMYsDifTPjhGpCLkaqA==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 441F 8 KB
8 KB 21ms
21ms Font
application/octet-stream 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 05:29:27 GMT
via: 1.1 d78805a0dcdbb4f0c955095c7c1a0fb6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 2703585
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Fri, 06 May 2022 05:29:27 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: XNx4yKxLO7f7R-rlYLZSKe4NPfxifU6r9p_XaU2BMZ24wMIqRsjQgQ==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 61C4 337 B
808 B 20ms
19ms Stylesheet
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2716188
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 01:59:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: SA-Tv4Q4mjylYj8XpEiqPU6Rq2FuFYtej7QvEdSWqRQlzj-yOpYeQQ==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame F5AE 337 B
807 B 20ms
20ms Stylesheet
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2716188
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 01:59:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: 3AC3j6ldFJ0LMV0NeH_VX21zDzXSOuuplmJsVbT8W6q351nW5J90qg==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 441F 13 KB
13 KB 20ms
19ms Image
image/svg+xml 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.7dd5a93aa81cda49c533d8058d1faba1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:39:51 GMT
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3296962
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 29 Apr 2022 08:39:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KTI6ApLx1pIDPyPYkjTZFYPPdO8jpGkWlyD-JV5c0hIr_QpjQ8MKAA==
x-cache-hits: 0

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 3F99 17 KB
4 KB 20ms
19ms Stylesheet
text/css 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2695005
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: hnGPtZAvInrGxymtoPcgTZJwxhFB3WjBvHT4dqH2KUMSFE27Fmv3Zg==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.ddbe52aded335130c3d3c3842883fb53.js Show response
c.disquscdn.com/next/recommendations/ Frame 3F99 65 KB
20 KB 20ms
19ms Script
application/javascript 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.ddbe52aded335130c3d3c3842883fb53.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

23a5b9a15d665be3affe4e119cc8daea6ecb4d59333fde3411b1c987e13bdb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 24 May 2021 21:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1091217
x-cache: Hit from cloudfront
content-length: 20082
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Tue, 18 May 2021 19:22:38 GMT
server: nginx
etag: "60a413fe-4e72"
content-type: application/javascript; charset=utf-8
via: 1.1 a329142c11bf4b365acb0f902bcf447d.cloudfront.net (CloudFront)
expires: Tue, 24 May 2022 21:22:16 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: BUD50-C1
timing-allow-origin: *
x-amz-cf-id: CgDFDiW4oDu0VY-xRaAkvAfwdDhTAHSkBKf09r1ux-NHpeZse0eFyg==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 3F99 12 KB
12 KB 13ms
12ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

3996bbffc767d98d55b0c72079ac2aec9b17e1d89bc063712ef2c2b908794c74

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 16
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11848
X-XSS-Protection: 1; mode=block

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 28ms
13ms Ping
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryWOEgTATNc3VhIzWO

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sun, 06 Jun 2021 12:29:13 GMT
content-type: text/plain
access-control-allow-origin: https://www.infosecurity-magazine.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 53ms
34ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1209.min.js
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/?mkt_tok=ODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding: gzip
etag: "ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id: 061HG2PBY1V44RP2
x-cache: HIT
content-length: 11738
x-amz-id-2: lWnCVbTHNU41nk5SgRU8NHBf4elbhUmEnRdF5wjVKabmddLsG1zTMXgIV74rBqM5c+dFF0YQBCQ=
x-served-by: cache-hhn4057-HHN
last-modified: Thu, 20 May 2021 23:21:18 GMT
server: AmazonS3
x-timer: S1622982553.123670,VS0,VE0
date: Sun, 06 Jun 2021 12:29:13 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2261

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 38ms
18ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7c66112192c4c1d1511f9da2abd1b441851d9912b9bc395056c7905b047b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 06 Jun 2021 12:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7726
x-xss-protection: 0

GET
H2 200 noavatar92.png
a.disquscdn.com/1622046247/images/ Frame 441F 2 KB
2 KB 20ms
20ms Image
image/png 199.232.198.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1622046247/images/noavatar92.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.198.49 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:13 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 932683
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: CDG52-P2
content-type: image/png
content-length: 1644
x-amz-cf-id: KnOwxjqlWdGpttydQCsKxiyUoyC5c-Zd8Oxbg_lVEakCuH96gVbIjg==
expires: Fri, 25 Jun 2021 17:24:30 GMT

GET
H/1.1 200
OK disqus-login.png
www.infosecurity-magazine.com/_common/img/ Frame 441F 4 KB
5 KB 23ms
22ms Image
image/png 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/disqus-login.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.86ba4df537c9bbadff5e7923b6ce4ace.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Sun+Jun+06+2021+14%3A29%3A13+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=75a38b79-71a9-49a7-bbf5-c0f421f28a8f&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C6%3A0
Connection: keep-alive
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
Via: 1.1 PSygldLON2sq21:3 (W), 1.1 PShlamstdAMS1lb17:0 (W), 1.1 PSdgflkfFRA2lp71:13 (W)
X-Content-Type-Options: nosniff
Age: 349496
X-Px: ht PSdgflkfFRA2lp71FRA
Connection: keep-alive
Content-Length: 4554
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "62a47914cf8dd61:0"
X-Ws-Request-Id: 60bcbf99_PSdgflkfFRA2gb7_46900-56081
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 3F99 3 KB
3 KB 108ms
108ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=infosecuritymagazine&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

708fa81fa092fa20d9e76abc1e768c5cd4334e15c56a48c6953a46911f763405

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3069
X-XSS-Protection: 1; mode=block

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 28ms
13ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 06 Jun 2021 12:29:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sun, 06 Jun 2021 12:29:13 GMT

GET
H/1.1 200
OK NRJS-70b3f9b2c6f17cc4471 Show response
bam.eu01.nr-data.net/1/ 57 B
275 B 61ms
15ms Script
text/javascript 185.221.86.34
NEW-2

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=146614949&v=1209.f04e2b9&to=MhBSZQoZXxFXWxZbWAtacWIoV0UHW0gOU0MABh9GHRpBA1FdTFNEFQ0%3D&rst=3249&ck=1&ref=https://www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new/&ap=1749&be=2064&fe=3191&dc=2308&perf=%7B%22timing%22:%7B%22of%22:1622982549889,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:38,%22c%22:38,%22s%22:44,%22ce%22:83,%22rq%22:83,%22rp%22:2055,%22rpe%22:2087,%22dl%22:2058,%22di%22:2308,%22ds%22:2308,%22de%22:2320,%22dc%22:3191,%22l%22:3191,%22le%22:3206%7D,%22navigation%22:%7B%7D%7D&fp=2214&fcp=2214&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.221.86.34 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 3F99 6 KB
6 KB 219ms
218ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=infosecuritymagazine&thread=url%3Ahttps%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.9aad4e5af3027dd4fbeac9669fb17819.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

402016c44e4e61615b833ca5c8a33723af8dbe283a4a7df1bf6faa54e67de635

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 6123
X-XSS-Protection: 1; mode=block

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 3BA4 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.infosecurity-magazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 06 Jun 2021 12:28:04 GMT
expires: Mon, 06 Jun 2022 12:28:04 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 69
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CC60 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

22ad8857323f1ffcd2db0178c1bd7f676672c30bfa72f5463a9fc763c38c55ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uXqUPO6ekOILHWx6D9CO6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.infosecurity-magazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

expires: Sun, 06 Jun 2021 12:29:13 GMT
date: Sun, 06 Jun 2021 12:29:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uXqUPO6ekOILHWx6D9CO6A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BA4 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/tE64XG1cXAHgdRZqLuUmMLCyOuQ9s7LE_kL_xOEQzyo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 05 Jun 2021 12:26:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86586
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5784
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Jun 2022 12:26:07 GMT

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 441F 43 B
295 B 146ms
111ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=269&event=init_embed&thread=8576714838&forum=infosecuritymagazine&forum_id=3082669&imp=2nejioh3cvjc6l&prev_imp&thread_slug=global_phishing_campaign_drops_new_malware_trio_10&user_type=anon&referrer=https%3A%2F%2Fwww.infosecurity-magazine.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Global%20Phishing%20Campaign%20Drops%20New%20Malware%20Trio&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 06 Jun 2021 12:29:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=3247922016535234&bg=!IiGlIWXNAAY6sG-_OrA7ACkAdvg8WoqDQDYBBiGU832cA1bQf5KAbpXCGJ9yCfWIv6Z2KczubYItdgIAAABGUgAAAAxoAQcKACMPS9BXBhJQbKfodkcSRBnwvyD73InvCPahpfKQEe1Rh67RTJkCSuCfFKZt93a1SpB5-RokwT-WT02Erp5TvoA7D7JTkeGEqobKttPlWd4M5HXW_boExI1AjJjD0Hw6PeXO6cwo0uY94OkUsB85MCyTFPouNz-IOWp99PkLpvKpfOk88uZQvds-AF5AeiITmgJlQDPzPJIS9-9c9xUjW2H8f_gQtAAzrNzaW6_0OZTo3j-yc2LwdK_6MBSp3YY0WzTMnnmHNNVT8jjyJy6hc20aI7_DwtuHmrOd3yC5cVtCBUPez__OX_psCZLOEJyWW3hY4ib5RmOq8FpicKUT4ZUZUfBvZ83VxM-WGS9_7ioE2fA7SaR5UrL5JBq2HV8zP1zWkQgscBaY73kkePR1EEHViD6qXFYdzVW9s7WKtOQfm1di5k9EbBMOoWd_TNx4VftPg6LpaKF-1ozHeHlSU3m7Ca95mDjcHHaFsUW3-qClay98kgS8oDl114gGbmRByuE359_LwJ8GUvEdoCLmbdA8EI0S0GoyXhlTGB7QG6k9b9hYvJVkqAsCjkCK6igaWq1kQeBvS11lduLj4Ej071MYG3VhA6Bej1iYEO-TcFpU6yzPrxvBdnMaB2inpSWWZi-sObL-geUd47fhxYjnDr90WKnpIkzXfgv8xt8XpGJV0Ys-njjFvlnt47UbWAWHiWbRDEEE5Gh7NMs5l9gIRGpSNZuFNJfzSy47eAfgsj_e0e9QLjAXTUZiTJiHjZ_v-TuGW_Ndt_e8dDkPpniWrpdZYZ59TF9ekzL_wN4EQnkAnQB8z4xg_wLtfPmJvOyqVBE

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 12:29:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 134ms
132ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fbfa054b6-016c-420e-8ac1-d8a9255e1455.jpg&key=bWP5DKE7eG1P4VZG2flJKQ&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 147ms
145ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fce8323ab-9d82-4d5d-88a4-fe45f22ce958.jpg&key=vBLwukWEBaYhpoiW-Y_M2g&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 262ms
260ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fa2c14a7e-48ed-4ccd-91ea-c7f0afbad3e9.jpg&key=KZ7EbLYg8uNrOo-pJBv0dA&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 133ms
132ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F6aadf489-e1ef-494b-bcad-4c5c3bd7b963.jpg&key=cB7gz8KsvTd4Z-2sRZh7lw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 136ms
135ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fa2970c60-47eb-4093-b3ec-7c5559beac8e.jpg&key=6S0lYTw9XrlvNrmKdekFpw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 137ms
136ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fc8f617e8-9d65-41b6-ae2d-e197684e5ab1.jpg&key=ZTlrz0CY-nbfaUCvRUq3UQ&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 136ms
135ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F2c28f93f-c9a0-42bf-be61-5edd12694041.jpg&key=uhuCxaKK-v87SMBP9Y1zFw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 3F99 0
0 136ms
135ms Image
text/html 2600:9000:2050:1800:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F91eb500a-1e9d-4a40-ae87-bd84e6714dcc.jpg&key=cTBmOoX1U1PjOK79YeKwxw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2050:1800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0421 42 B
64 B 29ms
15ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvVbPQqAhr37aWnMgUygT2h4AqH5Iq2EpnxAjmpJyFibeiaiVFQVZA3JYtMbgdXb1igmOqhE6SMuQ4ayX8CK3K_YksF-A6kmoVw70CGwzc&sig=Cg0ArKJSzLBVP7xCVBwsEAE&id=lidar2&mcvt=1000&p=831,1022,1081,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210604&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2608124609&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622982552426&dlt=0&rpt=170&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 12:29:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1D38 42 B
64 B 27ms
14ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuDD6aFZxJPEBwzvCS3Mzye0ZYY6TFHNvE1RgbWU1Fm3ndybv4eZhGoVhG6t1TZDEdnI4ShkMEtci3w4UdWjSvXatJdeJstJicMT7PKFc&sig=Cg0ArKJSzJyKSRKR8CirEAE&id=lidar2&mcvt=1002&p=68,250,158,978&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210604&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=225845157&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622982552427&dlt=0&rpt=160&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Jun 2021 12:29:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.disqus.com/	1970-01-20 03:35:18	Name: disqus_unique Value: 2nejipq4d2ue7
disqus.com/	1970-01-19 18:49:44	Name: __jid Value: 2nejioh3cvjc6l
.infosecurity-magazine.com/	1970-01-19 20:59:18	Name: _fbp Value: fb.1.1622982552575.1477319109
.infosecurity-magazine.com/	1970-01-20 03:35:18	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sun+Jun+06+2021+14%3A29%3A13+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=75a38b79-71a9-49a7-bbf5-c0f421f28a8f&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fglobal-phishing-campaign-drops-new%2F%3Fmkt_tok%3DODQ4LURJRC0yNDIAAAF9b99fPQd386WdxOxfcCCbucpIjdIf-kHi9dTeWKZV91J1YRDkNzHPRICaf1cuTcAbN5vujDoZAHIzRzBRGE1szMVyfxkAhKrejMn7jCplsG_gBeQ&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C6%3A0
www.infosecurity-magazine.com/	1970-01-19 18:49:44	Name: __atuvs Value: 60bcbf982df58aac000
www.infosecurity-magazine.com/	1970-01-20 04:18:30	Name: __atuvc Value: 1%7C23
.infosecurity-magazine.com/	1970-01-20 04:11:18	Name: __gads Value: ID=148c754be09aba3d-22a6bcf956c800b6:T=1622982552:S=ALNI_MZX0XmB1K5GkEtLiLZWj5chclkB_g
.infosecurity-magazine.com/	1970-01-19 18:49:42	Name: _gat Value: 1
www.infosecurity-magazine.com/news/global-phishing-campaign-drops-new	1969-12-31 23:59:59	Name: ISM.ScreenSize Value: 1600
www.infosecurity-magazine.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: nz0sqx4hsl22zrplj1fd553b
.infosecurity-magazine.com/	1970-01-20 12:20:54	Name: _ga Value: GA1.2.1716994379.1622982552
www.infosecurity-magazine.com/	1970-01-19 19:34:20	Name: ISM.Visitor Value: vid=1466c33d-4b2c-470c-8c05-bf6499fe31d9
.infosecurity-magazine.com/	1970-01-19 18:51:08	Name: _gid Value: GA1.2.1939633093.1622982552

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.disquscdn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.infosecurity-magazine.com
bam.eu01.nr-data.net
c.disquscdn.com
cdn.cookielaw.org
clients1.google.com
connect.facebook.net
cse.google.com
db07ac4e49e79c0aad68fdb594fc689c.safeframe.googlesyndication.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
infosecuritymagazine.disqus.com
js-agent.newrelic.com
pagead2.googlesyndication.com
pages.fireeye.com
referrer.disqus.com
res.infosecurity-magazine.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.infosecurity-magazine.com
z.moatads.com
104.17.71.206
142.250.181.226
151.101.0.134
151.101.114.110
151.101.12.134
163.171.132.119
184.30.24.121
185.221.86.34
199.232.198.49
2.18.235.40
220.242.170.82
2600:9000:2050:1800:6:8656:f5c0:93a1
2606:4700:10::6814:b944
2606:4700::6810:9440
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:803::2004
2a00:1450:4001:803::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9b
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
02012a7f72db1a9cda3e6d977d491fcd365ee56f9fac969dc6e537a9c51553f4
0445777080cbd7e5753a7a712af7e11bdbeaf665c15c1bdafefcd072b038d0b7
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06c76fa2fa8352282e95b5b12578d5802fd8d403867709004298aac667072843
07d19364f58e8be9a031a6a3d18a0cf791ecb6956aa2f17a5a0405a1d170a637
0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c
108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
202022fc5e67edf183fd27c0cd0bbea87ffc4c171a2069c85a29722ba70ae63e
221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd
22ad8857323f1ffcd2db0178c1bd7f676672c30bfa72f5463a9fc763c38c55ae
23a5b9a15d665be3affe4e119cc8daea6ecb4d59333fde3411b1c987e13bdb12
2b36b5dbbf62d4165ba63f0c66f5253c0bed0bf64979a36f3de7fdf55e41708b
2bc57421f19fce18fec9e0467ea2ebc42f12c05b8d7e12b5032363040b085729
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
33d9c56f2b1408711b9b963963790177ac4e7c38a5ecf0e3c12f558c676e294b
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
3996bbffc767d98d55b0c72079ac2aec9b17e1d89bc063712ef2c2b908794c74
3ace2496537978b01d16bb8757bd588a3eeaea8d68548e13dbef12e27d413e3e
3ba5369627fc324f2d2c47f44c8da30769d2a3ccbe8110b9bd5eec9585e42a09
402016c44e4e61615b833ca5c8a33723af8dbe283a4a7df1bf6faa54e67de635
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
49850e729150548475fa57ef13507f6654e0deb5bc32397c225c3cf499b4d0f2
4a19ad93b8c725e7f19dcc851248a683bffb63243553bb91f6fafd3bc41302a6
4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4ca958cef450a74a99f7c5f676dd7b8267ff7d1c168cd28dc45b5b1d530391f8
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc
544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e
56f8e5b2015a0326a411109736edc0b0db208cb9019e2befdf6c6fdf3ee1bb78
58ed79f527eff1cb0fa189c78b0ff638632baa26d6933ac3ae6b711b6e584462
5a06800ad719e1f1b46691ded5a5577666d2fc30f950b0ba544352ede4e25de7
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6
6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0
678b8e1ba87a6638950278e0882372b8a5a19a999382c3cabb1e9e144b595e31
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69c568574ef4c2f962f56527e4331215707c3b593bc4738428d44f332472553a
6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934
6e312f277726cf12aa508a34dfc0c5217b72334652dc99f8df30559e3e8dc971
708fa81fa092fa20d9e76abc1e768c5cd4334e15c56a48c6953a46911f763405
72f2954f62d214e6071faac26ee729343e6e2daee732a017a1fd45cb26ede64b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
74192712778ebae4770b6a5b5f6d6b0f914680673d647b791f4ffa979dc2b95a
7625af3731123af3500658039a05ba9b38bb23e1ad8c8d7cfda30bcd410fd008
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7ac394c36998d2c5dc1d5d4158befa60b8a4db8988371e171a5c4086f70c9fbb
7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25
7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64
7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd
91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b
923d150c3d48fb89869b13377e11378e1a8de82d48e4281f95869d0ad945bbf6
92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab
972c9c1da063aec229e5e8b8dfddf89a946b28b4cab8af4002d8cb12ec1399e0
9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a792cfdb1d9ae16679db87e04deb24aeaf9d3a81459a26b792ba96b25735bfa3
aa50c7a1895457784d07961e49bd9912e777dbe8fae1310abf10792606052a84
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b44eb85c6d5c5c01e075166a2ee52630b0b23ae43db3b2c4fe42ffc4e110cf2a
b5d2bbf53a08ced8ba400fee5919484d5a12371fe8994c84b97ac7d84213b436
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc7c66112192c4c1d1511f9da2abd1b441851d9912b9bc395056c7905b047b60
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c42e757b8de43c15a18cd56d0f44b8688ddfcfe687ced5bb3e9b683651330933
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
cbfd8ccd6237554fcd3888574ef3563bc3bf99f8bf436e1be22177fb732ac1ce
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d095a10edaad6211950687f096747c692e1785b2959c81ad51d8cca4e8e87c72
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
db606689388acdc641b527e6ea307c11af962f7e14c3c6e9e7fc76fe264a3717
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca
e9baeaf60a7668f0fa07b6654105515d869595eb0d3c92d01e8077f46c510588
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5
f7051b308ba8263ba7a453b9c3036eaaa3b8734b3adec537ddc89468acac5d86
ffa907d826f82968612e5a325704a5cc38330a791049b23da9725a6609e22538

www.infosecurity-magazine.com Open in urlscan Pro 163.171.132.119 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

138 Requests

98 %HTTPS

68 %IPv6

22 Domains

35 Subdomains

34 IPs

6 Countries

2685 kBTransfer

5562 kBSize

13 Cookies

18 Outgoing links

Page URL History

Redirected requests

138 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infosecurity-magazine.com Open in urlscan Pro
163.171.132.119 Public Scan

Screenshot
Live screenshot

Full Image

138
Requests

98 %
HTTPS

68 %
IPv6

22
Domains

35
Subdomains

34
IPs

6
Countries

2685 kB
Transfer

5562 kB
Size

13
Cookies

138 HTTP transactions
1 data transactions