www.eweek.com Open in urlscan Pro
184.30.212.44 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
Effective URL:
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Submission: On September 09 via api (September 9th 2020, 6:13:20 pm UTC) from US

Summary HTTP 160 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 30 domains to perform 160 HTTP transactions. The main IP is 184.30.212.44, located in Netherlands and belongs to AKAMAI-ASN1, EU. The main domain is www.eweek.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 7th 2020. Valid for: 3 months.

This is the only time www.eweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 52	184.30.212.44 184.30.212.44	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a00:1450:400... 2a00:1450:4001:814::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE)
2 2	2.16.186.99 2.16.186.99	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.186.73 2.16.186.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.128.194.224 108.128.194.224	16509 (AMAZON-02) (AMAZON-02)
3	136.243.63.184 136.243.63.184	24940 (HETZNER-AS) (HETZNER-AS)
11	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
6	95.100.73.104 95.100.73.104	16625 (AKAMAI-AS) (AKAMAI-AS)
6	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:825::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
3	52.207.113.77 52.207.113.77	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:824::200e	15169 (GOOGLE) (GOOGLE)
2	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	54.80.117.178 54.80.117.178	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:824::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:20e... 2600:9000:20e8:8a00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	18.209.169.27 18.209.169.27	14618 (AMAZON-AES) (AMAZON-AES)
3	18.203.241.243 18.203.241.243	16509 (AMAZON-02) (AMAZON-02)
2	104.111.250.210 104.111.250.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:10c... 2a02:26f0:10c::5f64:c130	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	52.215.86.157 52.215.86.157	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.85.133 52.29.85.133	16509 (AMAZON-02) (AMAZON-02)
1 2	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2600:9000:20e... 2600:9000:20e8:8800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1 1	2600:1f18:730... 2600:1f18:730:b150:e012:d004:2b3d:e4f0	14618 (AMAZON-AES) (AMAZON-AES)
1	3.213.73.156 3.213.73.156	14618 (AMAZON-AES) (AMAZON-AES)
1	54.164.237.91 54.164.237.91	14618 (AMAZON-AES) (AMAZON-AES)
160	37

52 184.30.212.44 (Netherlands) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-44.deploy.static.akamaitechnologies.com

www.eweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.99 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-99.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.73 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-73.deploy.static.akamaitechnologies.com

ntvaim-a.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.128.194.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-194-224.eu-west-1.compute.amazonaws.com

addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.63.184 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: xip08.oneall.com

eweekcom.api.oneall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 95.100.73.104 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-73-104.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.207.113.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-113-77.compute-1.amazonaws.com

l.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.80.117.178 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-117-178.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:824::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:8a00:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.209.169.27 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-209-169-27.compute-1.amazonaws.com

tatestdrive.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.203.241.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-241-243.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.250.210 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-210.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:10c::5f64:c130 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.215.86.157 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-86-157.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.85.133 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-85-133.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.45 (Ascension Island) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:8800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

949-nym-063.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:e012:d004:2b3d:e4f0 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.213.73.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-73-156.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.237.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-237-91.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	eweek.com 2 redirects www.eweek.com	1 MB
16	googlesyndication.com 5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	458 KB
12	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	122 KB
10	google.com 2 redirects www.google.com cse.google.com adservice.google.com	5 KB
9	postrelease.com 1 redirects jadserve.postrelease.com	5 KB
9	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	98 KB
9	evidon.com c.evidon.com l.evidon.com	28 KB
8	ampproject.org cdn.ampproject.org	340 KB
7	blueconic.net tatestdrive.blueconic.net	125 KB
5	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com	14 KB
3	oneall.com eweekcom.api.oneall.com	15 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	marketo.net munchkin.marketo.net	7 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	55 KB
2	twitter.com platform.twitter.com	29 KB
2	google-analytics.com www.google-analytics.com	18 KB
2	akamaized.net ntvaim-a.akamaized.net	27 KB
2	akamaihd.net 2 redirects ntvcld-a.akamaihd.net	674 B
1	mktoresp.com 949-nym-063.mktoresp.com	311 B
1	quantcount.com rules.quantcount.com	356 B
1	agkn.com 1 redirects aa.agkn.com	399 B
1	ml314.com ml314.com	517 B
1	facebook.com www.facebook.com	888 B
1	imrworldwide.com 1 redirects secure-gl.imrworldwide.com	957 B
1	google.ch adservice.google.ch	890 B
1	google.de www.google.de	106 B
1	googleapis.com fonts.googleapis.com	877 B
1	addevent.com addevent.com	8 KB
1	ntv.io s.ntv.io	97 KB
160	30

	Domain	Requested by
52	www.eweek.com	2 redirects www.eweek.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.eweek.com cdn.ampproject.org tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	www.eweek.com securepubads.g.doubleclick.net
9	jadserve.postrelease.com	1 redirects www.eweek.com
8	cdn.ampproject.org	securepubads.g.doubleclick.net
7	tatestdrive.blueconic.net	www.eweek.com tatestdrive.blueconic.net
7	www.google.com	2 redirects www.eweek.com
6	c.evidon.com	www.eweek.com c.evidon.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	cdn.krxd.net	www.eweek.com cdn.krxd.net
3	beacon.krxd.net	cdn.krxd.net
3	l.evidon.com	www.eweek.com
3	eweekcom.api.oneall.com	www.eweek.com eweekcom.api.oneall.com
2	secure.adnxs.com	1 redirects
2	b-code.liadm.com	cdn.krxd.net b-code.liadm.com
2	munchkin.marketo.net	www.eweek.com munchkin.marketo.net
2	consumer.krxd.net	cdn.krxd.net
2	platform.twitter.com	www.eweek.com platform.twitter.com
2	www.google-analytics.com	www.eweek.com www.google-analytics.com
2	ntvaim-a.akamaized.net	www.eweek.com
2	ntvcld-a.akamaihd.net	2 redirects
2	cse.google.com	www.eweek.com
1	i.liadm.com	b-code.liadm.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	pixel.quantserve.com
1	949-nym-063.mktoresp.com	munchkin.marketo.net
1	rules.quantcount.com	secure.quantserve.com
1	aa.agkn.com	1 redirects
1	ml314.com
1	secure.quantserve.com	www.eweek.com
1	www.facebook.com	www.eweek.com
1	secure-gl.imrworldwide.com	1 redirects
1	s-jsonp.moatads.com	www.eweek.com
1	5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	www.google.de	www.eweek.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	www.eweek.com
1	z.moatads.com	s.ntv.io
1	addevent.com	www.eweek.com
1	s.ntv.io	www.eweek.com
160	43

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.mcafee.com
blogs.mcafee.com
technologyadvice.com
www.onelogin.com
www.esecurityplanet.com
www.itbusinessedge.com
www.developer.com
www.enterprisestorageforum.com
www.serverwatch.com
www.datamation.com

Subject Issuer	Validity	Valid
www.quinstreet.com GeoTrust RSA CA 2018	`2020-09-07` - `2020-12-16`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
addevent.com Amazon	`2020-03-13` - `2021-04-13`	a year	crt.sh
*.api.oneall.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-29` - `2021-07-30`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
*.google.ch GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-19` - `2020-11-11`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.liadm.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Frame ID: AEDC9ECF5947AAF6EE48605DCD49603B
Requests: 122 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.eweek.com
Frame ID: 23A2263216F70BA2A012745A39BB4F0E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: DB7927F10E80C491C06CFE7F2E1D0108
Requests: 1 HTTP requests in this frame

Frame: https://eweekcom.api.oneall.com/socialize/loudvoice/discussion/?args=%7B%22placeholder_start_discussion%22%3A%22%40%22%2C%22placeholder_leave_comment%22%3A%22%40%22%2C%22iframeid%22%3A%22oa_loudvoice_frame_148593%22%2C%22providers%22%3A%5B%22facebook%22%2C%22google%22%2C%22linkedin%22%5D%2C%22page_title%22%3A%22McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22author_session_token%22%3A%22%22%2C%22parent_uri%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22comment_depth%22%3A%5B5%2C3%5D%2C%22comment_direction%22%3A%22%22%2C%22custom_css_uri%22%3A%22%22%2C%22offset_top%22%3A0%2C%22enable_editor%22%3Afalse%2C%22render_collapsed%22%3Afalse%2C%22reference%22%3A%22%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22id%22%3A148593%7D&lang=en
Frame ID: C2C5D3FF2AE75E44307F20F6E3B111F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: 24FD27AFE564EFEF83D694C479DB36C9
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: B6DE4E2161558AE92EDBDA806C2F4F4B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: AFF0543199EE5E14A9539C4DBDF96F4B
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js
Frame ID: 753BB3F5E2307B928C47018DE1DB254C
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 8F95D7BAE5EDC2EA850B19036429A365
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01eo?s=&cim=&ps=true&ls=true&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: C515D7781D33E71450CFF7C2F73C6489
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-... HTTP 301
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-... HTTP 302
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective HTTP 307
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

160
Requests

98 %
HTTPS

49 %
IPv6

30
Domains

43
Subdomains

37
IPs

6
Countries

2854 kB
Transfer

6233 kB
Size

14
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/eWEEKNews
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/eWEEK/49650732622
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/eweek-washington-bureau?trk=company_name
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eweeknews
Title:

Search URL Search Domain Scan URL

URL: http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf
Title: dubbed "Night Dragon" (PDF),

Search URL Search Domain Scan URL

URL: http://blogs.mcafee.com/corporate/cto/global-energy-industry-hit-in-night-dragon-attacks
Title: George Kurtz blogged

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/security-software/?utm_source=technologyadvice&utm_medium=native&utm_term=buyer&utm_campaign=compareleadingsecuritysoftware
Title: Sponsored Content

Search URL Search Domain Scan URL

URL: https://www.onelogin.com/events/connect/connect-2020?utm_medium=display&utm_source=techadvicecpc&utm_campaign=connect2020_noam
Title: Sponsored Content

Search URL Search Domain Scan URL

URL: https://www.esecurityplanet.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.itbusinessedge.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.developer.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.enterprisestorageforum.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.serverwatch.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.datamation.com/
Title:

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/terms-conditions/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/privacy-policy/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/programs/digital-advertising-solutions/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/privacy-policy/ccpa-opt-out-form
Title: California - Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870 HTTP 301
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870 HTTP 302
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective HTTP 307
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/coop/cse/brand?form=cse-search-box&lang= HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

Request Chain 7

https://www.google.com/coop/cse/brand?form=cse-search-box-footer&lang= HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

Request Chain 8

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg HTTP 302
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg

Request Chain 9

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png HTTP 302
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png

Request Chain 116

https://jadserve.postrelease.com/ce.gif?do=gci&fpd=www.eweek.com&ntv_it HTTP 302
https://www.eweek.com/ntv-ce-sync/1086902825/?id=429537eb-949a-4214-96f9-d9820d9d9d2c&o=0&s=1&do=syn

Request Chain 117

https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_7GD8k&cr=crv3966877&pc=b-11238-www.nativo.com&r=1599675183528 HTTP 302
https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200909&imp=1&h=049d6c002d&rnd=1599675183

Request Chain 137

https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e HTTP 302
https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=164980103539001509444

Request Chain 138

https://secure.adnxs.com/seg?add=17772711&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

Request Chain 148

https://rp.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&se=e30&dtstmp=1599675184246 HTTP 302
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&se=e30&dtstmp=1599675184246&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

160 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Show response
www.eweek.com/security/
Redirect Chain

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

130 KB
26 KB

914ms
913ms

Document
text/html

184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / PHP/5.5.9-1ubuntu4.20

Resource Hash

8650b44af3a92cd792be66e147c9912c594ef53c8f2e9725e9d36c4f489826b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.eweek.com
:scheme: https
:path: /security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=d7f98857063ba90a7e78313e9c7c3f5831599675180; DC=SFDC; ntv_as_visitor=972e5db1-edfd-4b71-b307-1806fe0fab63; ntv_as_status=0; ntv_as_ver=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
cf-ray: 5d02e17ddd8563d7-FRA
cache-control: private, max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Mon, 1 Jan 1990 12:00:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 0515ab42a8000063d70624b200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-cache-hits: 39
x-location-id: 1341905
x-ntv-te: 794 c:494 a:572
x-ntv-worker-version: 1.1.1w 9/9/2020, 11:13:02 AM
x-powered-by: PHP/5.5.9-1ubuntu4.20
x-ttl: 604800.000
x-varnish: 172687494 3375740
x-vcl-author: Varnish
server: cloudflare
content-encoding: gzip
date: Wed, 09 Sep 2020 18:13:02 GMT
content-length: 25624
vary: Accept-Encoding
set-cookie: DC=SFDC; path=/;HttpOnly;;SameSite=None;Secure; ntv_as_visitor=972e5db1-edfd-4b71-b307-1806fe0fab63; Domain=.eweek.com; Expires=Thu Sep 09 2021 18:13:02 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_as_status=1; Domain=.eweek.com; Expires=Thu Sep 09 2021 18:13:02 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_ce_visitor=053a5ab1-4053-49cf-b568-1d45dbd97b4a; Expires=Mon, 08 Sep 2025 18:13:02 GMT; Domain=.eweek.com; Secure; HttpOnly

Redirect headers

Location: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Non-Authoritative-Reason: HSTS

GET
H2 200 d0d0c8a.css
www.eweek.com/cms/css/ 266 KB
40 KB 35ms
34ms Stylesheet
text/css 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/css/d0d0c8a.css

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

06aabc2e68363052a34bb066da80dbd7b971e3da6cb54306eff4033a7fba9c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00ee6599340631-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
content-length: 40931
cf-request-id: 051473537a000006312c1db200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 80764472
cache-control: public, max-age=58207
x-vcl-author: Varnish
content-type: text/css
expires: Thu, 10 Sep 2020 10:23:09 GMT

GET
H2 200 834138a.css
www.eweek.com/cms/css/ 14 KB
3 KB 53ms
52ms Stylesheet
text/css 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/css/834138a.css

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

51ebe194bf92c15116362972601f79154294a4e9bfcdac5c60b293002fc02ad2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65998905fd-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 1
content-length: 2662
cf-request-id: 0514735380000005fde3b65200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2403587 5341211
cache-control: public, max-age=58207
accept-ranges: bytes
content-type: text/css
expires: Thu, 10 Sep 2020 10:23:09 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 331 KB
97 KB 154ms
65ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c5cfc11666e63c3f177c9cce0d70f4ffa77a7cf7e417647b48c2bb0ac6326f1c

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:02 GMT
Content-Encoding: gzip
x-amz-request-id: A05AB396776AB634
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: eAoNOk3YphbwpdGn0t16Q+Xvg4L7SzYpyPEpQVPMg8ddNrL6nprlyHrStkd/HRnRSUjd1WTrQUM=
Last-Modified: Tue, 08 Sep 2020 22:46:13 GMT
Server: AmazonS3
ETag: "7e46f380621c1ab9fbf7ac538df2f924"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 b862975.js Show response
www.eweek.com/cms/js/ 2 KB
1 KB 53ms
52ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/b862975.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

da2a886af209510dc91dcf9567dba3c2bf1e39c7891346419f11e513823594cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00ee65a8fad6d9-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 14
content-length: 805
cf-request-id: 05147353870000d6d9e51ef200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 96092982 94167846
cache-control: public, max-age=58207
x-vcl-author: Varnish01
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:23:09 GMT

GET
H2 200 b707007.js Show response
www.eweek.com/cms/js/ 3 KB
1 KB 54ms
53ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/b707007.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ba7aa3f06edc17169cb0c6a4aad2eeab13cdad5a1cc6867a47d3cba6de6bc363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee659e992b4d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 158
content-length: 961
cf-request-id: 051473538100002b4d073f3200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 29393100 5898260
cache-control: public, max-age=58251
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:23:53 GMT

GET
H2 200 logo_eweek.jpg
www.eweek.com/bundles/eweekbase/images/ 4 KB
4 KB 89ms
78ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logo_eweek.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee6598d92bf2-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 163
content-length: 3660
cf-request-id: 051473538000002bf24eab2200000001
x-ntv-te: 12 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 9372088 1146943
cache-control: public, max-age=576641
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:43 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

3 KB
1 KB

7ms
7ms

Script
text/javascript

2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

ad7de7ea27997bcc80fa05b8d39603a51ad4b86ae222074e6f58728a665c061c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:02:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 642
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1179
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:32:20 GMT

Redirect headers

date: Wed, 09 Sep 2020 18:13:02 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box-footer&lang=
https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

3 KB
1 KB

7ms
6ms

Script
text/javascript

2a00:1450:4001:81e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4077cb19b67aedd5a226e7ea3be91669631a13660397e81dc5e4834b3ac440a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 17:51:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 1313
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1185
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:21:09 GMT

Redirect headers

date: Wed, 09 Sep 2020 18:13:02 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0

GET
H/1.1

200
OK

6FE6466EBE774481BCC555B92226EDB8.jpg
ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/
Redirect Chain

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg

10 KB
10 KB

156ms
72ms

Image
image/webp

2.16.186.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-73.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 13240733abae488bfc9dc3beebd5dbf9492566e11b17d9345077a8fead8caeee

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:03 GMT
Last-Modified: Mon, 27 Jul 2020 21:25:28 GMT
Server: Akamai Image Manager
ETag: "bf917dd7fcf90b7b5a7cebd1803fd7a5"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=43200
Connection: keep-alive
Content-Length: 9958
Expires: Thu, 10 Sep 2020 06:13:03 GMT

Redirect headers

Location: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/6FE6466EBE774481BCC555B92226EDB8.jpg
Date: Wed, 09 Sep 2020 18:13:02 GMT
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H/1.1

200
OK

75CB2C54CC644E5DAEF5788E24AA2C3A.png
ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/
Redirect Chain

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png

16 KB
17 KB

153ms
67ms

Image
image/webp

2.16.186.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.186.73 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-186-73.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6fa9fdd6f8641bfe232255949322b59f913230c64aedb9415f3738d5c992287f

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:03 GMT
Last-Modified: Tue, 08 Sep 2020 16:39:28 GMT
Server: Akamai Image Manager
ETag: "2a993c46eb5e1ce1831c403772b67763"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=43200
Connection: keep-alive
Content-Length: 16828
Expires: Thu, 10 Sep 2020 06:13:03 GMT

Redirect headers

Location: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
Date: Wed, 09 Sep 2020 18:13:02 GMT
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 RangeForce.jpg
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 18 KB
18 KB 89ms
78ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/RangeForce.jpg?alias=slideshow_preview

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

b453dd4c24a09c8248cdb635054991edc242430caa3b8969d40c4e31044417f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
cf-bgj: h2pri
content-length: 18376
cf-request-id: 051473987700001772c5b98200000001
x-ntv-te: 11 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 08 Sep 2020 17:11:29 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d00eed3ff5b1772-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 icon_social_facebook_blue.png
www.eweek.com/bundles/eweekbase/images/ 353 B
784 B 90ms
79ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/icon_social_facebook_blue.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

b61d7ce88dbb1335d8f4f403de85aae5b66bef71d9377978f59d2f176b8dc66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed42faf177e-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 728
content-length: 353
cf-request-id: 05147398970000177e91386200000001
x-ntv-te: 10 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 22479492 1146959
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 social_linkedin_blog_connect.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 91ms
80ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_linkedin_blog_connect.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

cd5957cb688ef7b514e3556880a582b9e6488e4945ad601cd4af5d5484715664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00eed40ee6d6c1-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 4
content-length: 1404
cf-request-id: 05147398880000d6c1aea82200000001
x-ntv-te: 118 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 152875464 152030383
cache-control: public, max-age=576646
x-vcl-author: Varnish01
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:48 GMT

GET
H2 200 social_twitter_blog_connect.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
2 KB 91ms
80ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_blog_connect.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ee8c9350f2dc014c1df691ec938fef7918710173eaeee6ecdc82443d3d1bd9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed40eb4c281-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 373
content-length: 1729
cf-request-id: 05147398800000c2810fa77200000001
x-ntv-te: 17 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 29622548 917602
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 New.Intel.Optane.JPG
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 167 KB
168 KB 91ms
81ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/New.Intel.Optane.JPG?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

b932f950e0fd256ebbb033d1bb8c8083a1430c4f5c3803188fd1663febb03201

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: MISS
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:28:33 AM
content-length: 171018
cf-request-id: 05146fd789000005fdd72b8200000001
x-ntv-te: 2569 c:0 a:0
pragma: no-cache
served-by: imageserver-ez.quinstreet.com
last-modified: Wed, 09 Sep 2020 05:19:13 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 5d00e8d27cd905fd-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 Rola.Dagher.Dell-1.jpg
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 351 KB
352 KB 95ms
84ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/Rola.Dagher.Dell-1.jpg?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

7c47b51ce2d8e956638385c19f03f09648e326e0d4c892bcf395b762f6f5cf19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
cf-bgj: h2pri
content-length: 359329
cf-request-id: 051473988f00001f3dd8128200000001
x-ntv-te: 19 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Mon, 07 Sep 2020 17:49:12 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d00eed41f831f3d-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 Confidential.Computing.jpg
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 51 KB
52 KB 98ms
87ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/Confidential.Computing.jpg?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

00fbbf02843b7473985e1e6bcc6cfa185b3783b439a9af450c7e4742ccc6fcc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
cf-bgj: h2pri
content-length: 52255
cf-request-id: 05147398920000d6f97317e200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Fri, 04 Sep 2020 21:06:21 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d00eed41b15d6f9-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 Blackberry-CTO-1088x725.png
www.eweek.com/imagesvr_ez/b2bezp/2019/04/ 140 KB
140 KB 102ms
92ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2019/04/Blackberry-CTO-1088x725.png?alias=list_medium

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

d429e18a60775afd101e216069441c1dd97cdb28a0bcb73fee92ebeea38f2f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:37:09 AM
content-length: 142983
cf-request-id: 051477c10400000629d3a0f200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 16 Apr 2019 18:45:30 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d00f57b39d00629-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 Steve-Grobman-mcafee-1088x725.png
www.eweek.com/imagesvr_ez/b2bezp/2019/04/ 125 KB
126 KB 108ms
98ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2019/04/Steve-Grobman-mcafee-1088x725.png?alias=list_medium

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

73575a61aac2526dde9164663374aaf9c3e6b036803ed35df5bed50ff8aae2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:37:09 AM
content-length: 128444
cf-request-id: 051477c10600002c19ff158200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Mon, 01 Apr 2019 22:02:50 GMT
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d00f57b3dae2c19-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 footer_logo.png
www.eweek.com/bundles/eweekbase/images/ 2 KB
2 KB 109ms
99ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/footer_logo.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65fdbadffb-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 261
content-length: 1775
cf-request-id: 05147353bb0000dffbdd87a200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 17891560 721006
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 esecurityplanet_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 3 KB
3 KB 113ms
103ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/esecurityplanet_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

6135092bdc3632a769ce90dda6ba2e96865dc27f0705f22b533aebd8495bb954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65ef6adff3-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 753
content-length: 2867
cf-request-id: 05147353b40000dff3f8b7d200000001
x-ntv-te: 15 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 22479491 917590
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 itbe_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 1 KB
2 KB 113ms
103ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/itbe_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

d0109a226b4def4583eb68fbbac17e52bf881218cd9b0ef70415fe76739ecb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65eaa0bedd-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 1051
content-length: 1437
cf-request-id: 05147353b40000bedd08051200000001
x-ntv-te: 17 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 29294853 1146945
cache-control: public, max-age=576611
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:13 GMT

GET
H2 200 developer_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 4 KB
4 KB 119ms
110ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/developer_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

9f31a3904b1a7dd795a179176a46d020e3f64cc6c11c006621dbdda761af4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65ea2e0631-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 1250
content-length: 3863
cf-request-id: 05147353b4000006312c1e1200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 67272773 1146949
cache-control: public, max-age=583684
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 12:21:06 GMT

GET
H2 200 esf_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 256 B
256 B 122ms
112ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/esf_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65ffa22b4d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 230
content-length: 256
cf-request-id: 05147353b700002b4d073f7200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 18251777 655437
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 serverwatch_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 1 KB
1 KB 122ms
113ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/serverwatch_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65faad05fd-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 895
content-length: 1174
cf-request-id: 05147353b9000005fde3b6b200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 22872077 1146952
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 datamation_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 2 KB
3 KB 122ms
113ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/datamation_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

28e654205749c77ca7c0892a49a8a74e9d0c58629c2184285d140341e1247944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65fe7196e6-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 884
content-length: 2187
cf-request-id: 05147353b9000096e66a961200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 30605393 1146947
cache-control: public, max-age=576648
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:50 GMT

GET
H2 200 social_rss_footer.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 123ms
114ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_rss_footer.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

1ecc528c7da2e95c3e5c1b0404fd4c43c5197c65db42e943a12319161cba038d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65f952c2c2-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 1340
content-length: 1335
cf-request-id: 05147353ba0000c2c2f706c200000001
x-ntv-te: 11 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 35422309 917592
cache-control: public, max-age=576780
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:26:02 GMT

GET
H2 200 social_twitter_footer.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
1 KB 123ms
114ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee660ae505fd-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 697
content-length: 1160
cf-request-id: 05147353c5000005fdd7364200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 5177936 917598
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 social_facebook_footer.png
www.eweek.com/bundles/eweekbase/images/ 957 B
1 KB 124ms
116ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_facebook_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

7e9190d607f09f91f8fa02bbece2164eecc173cc915b7beb326b924831c17229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ee65fa520631-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:18 AM
x-cache-hits: 2872
content-length: 957
cf-request-id: 05147353ba000006312d991200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 29622549 138813
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 social_linkedin_footer.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 125ms
116ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_linkedin_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

659877c31966dec662ceccd15e1c68c4aff8e07bc6936f53081656c7a11725da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed41c2005b7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 1324
content-length: 1133
cf-request-id: 0514739890000005b79dae8200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 29294852 917596
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 social_youtube_footer.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
1 KB 125ms
117ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_youtube_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed41fb5649d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 796
content-length: 1446
cf-request-id: 05147398930000649d0133c200000001
x-ntv-te: 22 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 21790768 917594
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 6694951.js Show response
www.eweek.com/cms/js/ 258 KB
76 KB 43ms
32ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/6694951.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8f7538d138e8880adf91b22309de2542c8779d3a77db830606b56c7f1a7b9591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00eed41e98bf0a-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 13
content-length: 77106
cf-request-id: 05147398930000bf0a93356200000001
x-ntv-te: 11 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 43316331 43591133
cache-control: public, max-age=58260
x-vcl-author: Varnish
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:24:02 GMT

GET
H2 200 7197bf6.js Show response
www.eweek.com/cms/js/ 96 KB
21 KB 80ms
68ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/7197bf6.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

eede7b7303beabc2bd639da847d964f1d76fe29427796e5546f9a8d4208e6e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00eed42d8305ed-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 11
content-length: 20478
cf-request-id: 0514739896000005ed51880200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 95330594 95658712
cache-control: public, max-age=58207
x-vcl-author: Varnish01
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:23:09 GMT

GET
H2 200 dbc7889.js Show response
www.eweek.com/cms/js/ 7 KB
3 KB 82ms
71ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/dbc7889.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

fe062ce2bf1afc0966528f8f37d2c3346641b7810f5b47fb48fcbaef6bf3df6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed41e51d6b5-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 14
content-length: 2542
cf-request-id: 05147398920000d6b52802d200000001
x-ntv-te: 12 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 1282939 1579380
cache-control: public, max-age=58245
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:23:47 GMT

GET
H/1.1 200
OK atc.min.js Show response
addevent.com/libs/atc/1.6.1/ 31 KB
8 KB 215ms
52ms Script
text/javascript 108.128.194.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://addevent.com/libs/atc/1.6.1/atc.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

108.128.194.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-108-128-194-224.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9

Security Headers

Name	Value
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:02 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 7798
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 13 Aug 2020 17:32:56 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public, must-revalidate
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
X-Content-Security-Policy: allow 'self';

GET
H2 200 99a0c46.js Show response
www.eweek.com/cms/js/ 40 KB
7 KB 82ms
71ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/99a0c46.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

0045a3acad18d7644c8213b8d216105742a9de3cda88591ba6ad9830d7ff12fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed42e37c27c-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 14
content-length: 7095
cf-request-id: 05147398960000c27cd1a87200000001
x-ntv-te: 14 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 595820 1579382
cache-control: public, max-age=58207
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:23:09 GMT

GET
H2 200 a2e6745.js Show response
www.eweek.com/cms/js/ 325 KB
83 KB 83ms
72ms Script
application/javascript 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/a2e6745.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8a94aedff5853b3c57bda813b33ac9d93234ab0ffc5baf5bcd90e3a085285454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00eed44de2c2fe-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
x-cache-hits: 21
content-length: 84297
cf-request-id: 05147398aa0000c2fea43d0200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 91617189 95979072
cache-control: public, max-age=58260
x-vcl-author: Varnish01
content-type: application/javascript
expires: Thu, 10 Sep 2020 10:24:02 GMT

GET
H/1.1 200
OK library.js Show response
eweekcom.api.oneall.com/socialize/ 46 KB
12 KB 247ms
71ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/library.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: 59c6c43d90eb9974f95bb085ed07e51c62235274f1070b125213d32f062b9456

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private
Date: Wed, 09 Sep 2020 18:13:02 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 06:39:25 GMT
Server: nginx
X-Forwarded-Target: xuniform.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: max-age=14400, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 12298
X-Cached: HIT
Expires: Wed, 09 Sep 2020 22:12:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 55 KB
19 KB 129ms
63ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

3ff72c09eecff5421533f303d073d22bf8e3815783a6a2012abad5d11eb3d0d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "627 / 405 of 1000 / last-modified: 1599648006"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18748
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 56 KB
15 KB 115ms
35ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9f2e3c4567404e3232eba929de1712e81e719866a86ba8ff3a6e6642b0038283

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 14753
last-modified: Tue, 01 Sep 2020 19:35:22 GMT
server: AkamaiNetStorage
etag: "152f1c7e624919fa28ae73dd8d60d82b:1598988922.12464"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 11 Sep 2020 18:13:02 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 299 B
485 B 133ms
53ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 22:02:45 GMT
server: AkamaiNetStorage
status: 200
etag: "1503f70c7bb024bac76b917ae38a7af3:1584223365.978506"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 209

GET
H2 200 snthemes.js Show response
c.evidon.com/sitenotice/704/ 16 KB
2 KB 99ms
51ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/704/snthemes.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4da45860301b5bb97d26302e800fa1c675f71218786e42e53e6ebbf304cd15ef

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2015
last-modified: Tue, 29 May 2018 14:27:04 GMT
server: AkamaiNetStorage
etag: "d38929b15a4a7c34b4338a92da88e7d1:1527604024"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 11 Sep 2020 18:13:02 GMT

GET
H2 200 settings.js Show response
c.evidon.com/sitenotice/704/eweek/ 34 KB
3 KB 101ms
52ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/704/eweek/settings.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 20396e53e3dc6d8ca49a9e4e12d1d1b129ab87dbf63ecd85aad42366035f755d

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2820
last-modified: Mon, 30 Sep 2019 17:38:52 GMT
server: AkamaiNetStorage
etag: "1f44740370ce51d7f9dbacb5a98a1ec3:1569865132"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 11 Sep 2020 18:13:02 GMT

GET
H2 200 Jd-PsEKi.js Show response
cdn.krxd.net/controltag/ 59 KB
14 KB 83ms
28ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/Jd-PsEKi.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 759fe12bfce5cbe3d40aed33cd34322d8dd3fdfd1cb4f10a1005b19684e8cf8f

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
age: 305
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 13448
x-served-by: config-service-a006-ash-prod.krxd.net, cache-bwi5140-BWI, cache-hhn4066-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1599675183.917181,VS0,VE1
etag: "fee62865041452fe383cc49ca6865a6d2d7c8017"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 20:46:40 GMT
server: Golfe2
age: 3442
date: Wed, 09 Sep 2020 17:15:40 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18323
expires: Wed, 09 Sep 2020 19:15:40 GMT

GET
H2 200 social_rss_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 124ms
117ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_rss_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

07699c8e69a547fc8a508829645a838351cb2d5112d44d4a4c0bf871bfcda515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79daf7296e0-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 27
content-length: 1498
cf-request-id: 051479168d000096e01621f200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 19989260 3675620
cache-control: public, max-age=576654
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:56 GMT

GET
H2 200 social_twitter_header.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
2 KB 124ms
117ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

774f49ed7464c8fbc90f12764f881cfbf6f08d3429f06d9d883d69684711be18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79d9f9c646d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 26
content-length: 1741
cf-request-id: 051479167d0000646da6245200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 30801940 8353
cache-control: public, max-age=576651
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:53 GMT

GET
H2 200 social_facebook_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 124ms
118ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_facebook_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

fe2705203130628a9261d211b97911d2431500a8486e4f461da2403366db31b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79d88103244-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 28
content-length: 1410
cf-request-id: 0514791678000032447e9ab200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 31064074 2890806
cache-control: public, max-age=576638
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:40 GMT

GET
H2 200 social_in_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 125ms
118ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_in_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

2f5612464becb086f617f071035c72675b665fbd6aa6e747d99ddb42fe08102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79d8cbd1f21-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 30
content-length: 1406
cf-request-id: 051479167900001f21de177200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 26345902 4293360
cache-control: public, max-age=576608
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:10 GMT

GET
H2 200 social_youtube_header.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 125ms
118ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_youtube_header.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

f8ac77d0c47d6b70130e96f0d6e87969ad5f2c5aea4f15fa0ea647fc7ed9813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79d9a4a1f55-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 28
content-length: 1133
cf-request-id: 051479168100001f55040bf200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 30801939 230456
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 search_icon.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 125ms
119ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/search_icon.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

9f3ec013f50507b977e6a1529d85d410e7f116e2a514f63851c5a1ed43bdbc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f79d98810605-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:36 AM
x-cache-hits: 31
content-length: 1336
cf-request-id: 051479167d000006057b870200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 31260746 4293358
cache-control: public, max-age=576607
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 OpenSans-Regular.ttf
www.eweek.com/cms/fonts/open-sans/ 204 KB
109 KB 55ms
50ms Font
application/x-font-ttf 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/open-sans/OpenSans-Regular.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

6a44177bda35e038921d6af62d36355ce647c82e0185487e5427b187fd7f7f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed4c95b177e-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:36 AM
date: Wed, 09 Sep 2020 18:13:02 GMT
content-length: 110802
cf-request-id: 05147398fd0000177e9138e200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:22:04 GMT
server: cloudflare
etag: "35110-5ada2d34c461b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 14516395 14516396
cache-control: public, max-age=576634
content-type: application/x-font-ttf
expires: Wed, 16 Sep 2020 10:23:36 GMT

GET
H3-Q050 200 googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
905 B 27ms
13ms Image
image/png 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 07 Sep 2020 09:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 205601
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 0
expires: Tue, 07 Sep 2021 09:06:21 GMT

GET
H2 200 facebook.png
www.eweek.com/bundles/eweekbase/images/ 264 B
711 B 82ms
81ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/facebook.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3e3b381f9da22cbdb016fd658f887133fdc4ee68f84b2fb3ec71bb0454067ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00f7a5d93b0605-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:37 AM
x-cache-hits: 20
content-length: 264
cf-request-id: 0514791ba3000006057b977200000001
x-ntv-te: 15 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 82636198 77823562
cache-control: public, max-age=576676
x-vcl-author: Varnish
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:24:18 GMT

GET
H2 200 tw.png
www.eweek.com/bundles/eweekbase/images/ 546 B
991 B 82ms
82ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/tw.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

d5a08348c1e08dbd9917320b04e278317938e10c9a3f92ee33b89adee147a425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00f7a5db4c3244-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:37 AM
x-cache-hits: 2
content-length: 546
cf-request-id: 0514791ba3000032447ea02200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 88004918 88319155
cache-control: public, max-age=576607
x-vcl-author: Varnish
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 linkedin.png
www.eweek.com/bundles/eweekbase/images/ 360 B
808 B 83ms
82ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/linkedin.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8ea510facb5e675b142cd3d087a6f74194db466ed4030f0d4209c58c3d902182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d00f7a5dcc496e0-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:37 AM
x-cache-hits: 2
content-length: 360
cf-request-id: 0514791ba4000096e016268200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 148238106 152650986
cache-control: public, max-age=576654
x-vcl-author: Varnish01
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:23:56 GMT

GET
H2 200 button_play_video_thumbnails.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 81ms
81ms Image
image/png 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/button_play_video_thumbnails.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

31f991334889e4bbcf622f2b94d5f6944e0b53fbcaa81c527b7d8a5043cefc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eeda19c3649d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:37 AM
x-cache-hits: 21
content-length: 1445
cf-request-id: 0514739c520000649d01362200000001
x-ntv-te: 14 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 27427487 787192
cache-control: public, max-age=577054
accept-ranges: bytes
content-type: image/png
expires: Wed, 16 Sep 2020 10:30:36 GMT

GET
H2 200 Lato-Regular.ttf
www.eweek.com/cms/fonts/lato/ 109 KB
47 KB 81ms
80ms Font
application/x-font-ttf 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/lato/Lato-Regular.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

47aae8e75b6d9f0bd2ae91349ca5e3a9524d7f31479243938c9bce75393bfdf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00eed7ac282b35-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:37 AM
date: Wed, 09 Sep 2020 18:13:02 GMT
content-length: 47266
cf-request-id: 0514739acd00002b35708e8200000001
x-ntv-te: 10 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
etag: "1d584-5ada2d7504245-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 13697200
cache-control: public, max-age=576607
content-type: application/x-font-ttf
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.eweek.com/cms/fonts/ 18 KB
18 KB 89ms
89ms Font
application/octet-stream 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
etag: "466c-5ada2d74fc543"
cf-cache-status: MISS
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:38 AM
date: Wed, 09 Sep 2020 18:13:02 GMT
x-cache-hits: 4
content-length: 18028
cf-request-id: 0514739c140000d6b528070200000001
x-ntv-te: 797 c:0 a:0
pragma: no-cache
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
x-vcl-author: Varnish
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 74121251 68747487
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 5d00eed9b984d6b5-FRA
expires: Wed, 09 Sep 2020 18:13:02 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 13ms
13ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/41A7) /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:02 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Sep 2020 20:40:54 GMT
Server: ECS (fcn/41A7)
Age: 98
Etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28881

POST
H2 200 / Show response
www.eweek.com/post_handler/ 1 KB
1 KB 8755ms
8755ms XHR
text/html 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/post_handler/

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/js/6694951.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare / PHP/5.5.9-1ubuntu4.20

Resource Hash

7b560babdb3767b37ab12fcdb90131f02f701475c64ebf941b4a9874e39ba893

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: DYNAMIC
x-powered-by: PHP/5.5.9-1ubuntu4.20
cf-ray: 5d02e185489863d7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 11:13:11 AM
content-length: 640
cf-request-id: 0515ab474c000063d706271200000001
x-ntv-te: 8703 c:0 a:0
pragma: no-cache
x-ttl: 0.000
server: cloudflare
date: Wed, 09 Sep 2020 18:13:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 167706968
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html; charset=UTF-8

GET
H2 200 en.js Show response
c.evidon.com/sitenotice/704/translations/ 32 KB
3 KB 35ms
35ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/704/translations/en.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0ba60b364311c5c38c0327e2636f40ba1e58664b789149ab0c0c7ad497b312f3

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:02 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 2924
last-modified: Thu, 24 May 2018 22:03:25 GMT
server: AkamaiNetStorage
etag: "fd7462b88134ee960139f897e6935d2b:1527199405"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 11 Sep 2020 18:13:02 GMT

GET
H2 200 evidon-banner.js Show response
c.evidon.com/sitenotice/ 11 KB
3 KB 35ms
35ms Script
application/x-javascript 95.100.73.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-banner.js
Requested by: Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 95.100.73.104 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-73-104.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0f475f2c1e33b6687e0290f71d52b26514eab518040333b3448403b3785e6b5a

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 3179
last-modified: Tue, 01 Sep 2020 19:35:22 GMT
server: AkamaiNetStorage
etag: "1970776ddb7531c361e0ea52ce252069:1598988922.824572"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 11 Sep 2020 18:13:03 GMT

GET
H2 204 2
l.evidon.com/site/v3/704/5833/21/1/2/ 0
120 B 374ms
124ms Image
text/plain 52.207.113.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/704/5833/21/1/2/2?consent=0
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.113.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-113-77.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3-Q050 200 pubads_impl_2020090201.js Show response
securepubads.g.doubleclick.net/gpt/ 262 KB
92 KB 101ms
67ms Script
text/javascript 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

sffe /

Resource Hash

b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 02 Sep 2020 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94147
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:03 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
395 B 41ms
13ms XHR
text/plain 2a00:1450:4001:824::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j85&aip=1&a=2075372255&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&ul=en-us&de=UTF-8&dt=McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=480462671&gjid=235898066&cid=1414741429.1599675183&tid=UA-48216600-1&_gid=1076168283.1599675183&_r=1&z=2036492255

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 23A2 0
0 7ms
6ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.eweek.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 49936
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Wed, 09 Sep 2020 18:13:03 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 01 Sep 2020 17:58:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/418E)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 145ms
48ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=11238
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=22730
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
539 B 357ms
117ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2433812&ntv_pl=991393
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
538 B 453ms
214ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=8a1823c6-79de-4283-aec9-e80b571e7d77&ntv_a=K_kFAbIBFA3yAQA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgMFIVoT1x1J-iy2hoJwA7C49OIYQ7NFt5tjaHOso18fjMnXVAas1OGNEQBAMd93mp3fsRxu2ia3MHtG16XG0itgs8e2IF0-a45RbZApDL-EdjdRMaUnZfq8__PvNykHuHQ==&ord=1212241396&ntv_ht=LhtZXwA&ntv_tad=16&ntv_az=1V_-wdVf_sHVX_7B&ntv_al=2zQlRNs0JUU=&ntv_ak=YMUhKSCcISlgxSEp&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
538 B 357ms
118ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=8a1823c6-79de-4283-aec9-e80b571e7d77&ntv_fl=k4_euJ5Ww-btn4yGYn2KgMFIVoT1x1J-iy2hoJwA7C49OIYQ7NFt5tjaHOso18fjMnXVAas1OGNEQBAMd93mp3fsRxu2ia3MHtG16XG0itiJ0pJ0Ynh8hLq7lQsGgiPR&ntv_ht=LhtZXwA&ntv_tpvcs=&ntv_at=323&ntv_a=AAAAAAAAAA3yAQA&ntv_jtr=4&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
538 B 360ms
122ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46&ntv_ui=08dd920d-c77c-489a-9012-c0b9ff958b83&ntv_a=7g4GAeY1GA3iAQA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgMFIVoT1x1J-iy2hoJwA7C49OIYQ7NFt5tjaHOso18fjMnXVAas1OGNEQBAMd93mp3fsRxu2ia3MHtG16XG0itgs8e2IF0-a45RbZApDL-EdjdRMaUnZfq8__PvNykHuHQ==&ord=-1398053989&ntv_ht=LhtZXwA&ntv_tad=16&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
538 B 356ms
118ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=337*2835&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 controltag.js.840d44399e357e7da3f94ce724fcd35c Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 27ms
27ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/Jd-PsEKi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
age: 588557
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 1534616
content-length: 84307
x-served-by: cache-hhn4066-HHN
last-modified: Mon, 24 Aug 2020 10:19:29 GMT
x-timer: S1599675183.062888,VS0,VE0
etag: "840d44399e357e7da3f94ce724fcd35c"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 22 Aug 2030 10:19:28 GMT

GET
H/1.1 200
OK queue.js Show response
eweekcom.api.oneall.com/socialize/loudvoice/ 6 KB
3 KB 86ms
86ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/loudvoice/queue.js?parent_uri=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Requested by: Host: eweekcom.api.oneall.com
URL: https://eweekcom.api.oneall.com/socialize/library.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: a97213d63d7f4864ebcd32ef9d3ebdb0d3bd2413f82172d3865b8fe4293a0169

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Wed, 09 Sep 2020 18:13:03 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 06:39:25 GMT
Server: nginx
X-Forwarded-Target: xvictor.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: max-age=14400, public
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 2400
X-Cached: EXPIRED
Expires: Wed, 09 Sep 2020 22:13:03 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
877 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e757953a1fdf109e10ae7a38bf78632a0010e7ce1f2805e159f44d847de719fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 09 Sep 2020 18:13:03 GMT
server: ESF
date: Wed, 09 Sep 2020 18:13:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 09 Sep 2020 18:13:03 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
86 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j85&tid=UA-48216600-1&cid=1414741429.1599675183&jid=480462671&gjid=235898066&_gid=1076168283.1599675183&_u=YEBAAEAAAAAAAC~&z=548961380

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 09 Sep 2020 18:13:03 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 21635
l.evidon.com/site/v3/704/5833/21/1/2/2/ 0
120 B 295ms
146ms Image
text/plain 52.207.113.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/704/5833/21/1/2/2/21635?consent=0
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.113.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-113-77.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H2 204 21635
l.evidon.com/site/v3/704/5833/21/4/2/2/ 0
120 B 281ms
135ms Image
text/plain 52.207.113.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://l.evidon.com/site/v3/704/5833/21/4/2/2/21635?consent=0
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.113.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-113-77.compute-1.amazonaws.com
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-powered-by: Express
etag: W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
vary: Accept-Encoding

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
273 B 32ms
32ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-48216600-1&cid=1414741429.1599675183&jid=480462671&_u=YEBAAEAAAAAAAC~&z=324359548

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
106 B 30ms
30ms Image
image/gif 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j85&tid=UA-48216600-1&cid=1414741429.1599675183&jid=480462671&_u=YEBAAEAAAAAAAC~&z=324359548

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame DB79 0
0 27ms
26ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Wed, 09 Sep 2020 18:13:03 GMT
via: 1.1 varnish
age: 38169946
x-served-by: cache-hhn4066-HHN
x-cache: HIT
x-cache-hits: 437942
x-timer: S1599675183.156462,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H/1.1 200
OK /
eweekcom.api.oneall.com/socialize/loudvoice/discussion/ Frame C2C5 0
0 104ms
104ms Document
text/html 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/loudvoice/discussion/?args=%7B%22placeholder_start_discussion%22%3A%22%40%22%2C%22placeholder_leave_comment%22%3A%22%40%22%2C%22iframeid%22%3A%22oa_loudvoice_frame_148593%22%2C%22providers%22%3A%5B%22facebook%22%2C%22google%22%2C%22linkedin%22%5D%2C%22page_title%22%3A%22McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22author_session_token%22%3A%22%22%2C%22parent_uri%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22comment_depth%22%3A%5B5%2C3%5D%2C%22comment_direction%22%3A%22%22%2C%22custom_css_uri%22%3A%22%22%2C%22offset_top%22%3A0%2C%22enable_editor%22%3Afalse%2C%22render_collapsed%22%3Afalse%2C%22reference%22%3A%22%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22id%22%3A148593%7D&lang=en
Requested by: Host: eweekcom.api.oneall.com
URL: https://eweekcom.api.oneall.com/socialize/library.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash

Request headers

Host: eweekcom.api.oneall.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Server: nginx
Date: Wed, 09 Sep 2020 18:13:03 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2283
Connection: keep-alive
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
X-Forwarded-Target: xromeo.oneall.com
Vary: Accept-Encoding
Content-Encoding: gzip
X-Accepted-Source: xalpha.oneall.com

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
890 B 52ms
19ms Script
application/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.eweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 37ms
16ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.eweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 73 KB
10 KB 186ms
185ms XHR
text/plain 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=774364470854979&correlator=3569004280865594&output=ldjh&impl=fifs&eid=21066929%2C21062971%2C21064169%2C21065975&vrg=2020090201&npa=1&guci=2.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200909&iu_parts=5055%2Cb2b%2Cit%2Ceweek%2Cp1-imu%2Cp2-imu%2Cp1-lb%2Cp2-lb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7&prev_iu_szs=300x250%7C300x600%7C300x1050%2C300x250%7C300x600%2C640x480%7C728x90%7C970x90%7C970x250%7C1000x90%2C728x90&prev_scp=pos%3Dtop%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dmid%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dtop%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dlow%26refreshable%3Dtrue%26adrefreshed%3Dfalse&cust_params=kw%3Dattacks%252Ccompromised%252Ccritical%252Cinfrastructure%252Ccompanies%252Chacking%252Ctools%252Cmcafee%252Cnight%252Cdragon%252Ccyberattack%252Cunsophisticated%252Cbut%252Ceffective%26tax%3Dproduct%2520security%2520antivirus%252Cproduct%2520it%2520security%2520gateway%2520and%2520network%2520security%2520web%2520security%252Cproduct%2520security%2520threats%2520and%2520vulnerability%2520hackers%252Cproduct%2520security%2520threats%2520and%2520vulnerability%26path%3Dsecurity%252Cmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%26articlekey%3D921833%26pagetype%3Darticle%26securesite%3Dtrue%26url%3Dhttp%253A%252F%252Fwww.eweek.com%252Fsecurity%252Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%26pfm%3Ddes%26env%3Dprod%26wtdlk%3D&cookie_enabled=1&bc=31&abxe=1&lmt=1599675183&dt=1599675183215&dlt=1599675182625&idt=544&frm=20&biw=1600&bih=1200&oid=3&adxs=1096%2C1096%2C480%2C436&adys=682%2C2182%2C136%2C3162&adks=1559789334%2C2722770246%2C2014856158%2C1591461919&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&dssz=79&icsg=141602340668&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=299x250%7C299x250%7C1600x480%7C1600x120&msz=299x250%7C299x250%7C1600x480%7C1600x90&ga_vid=1414741429.1599675183&ga_sid=1599675183&ga_hid=2075372255&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

85331ab178d1a22dff3cfbcca705f7385ba04c64297cd072ed8bcd32be0ae809

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9695
x-xss-protection: 0
google-lineitem-id: 5457660940,5431140666,5431140666,5431140666
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322910053,138317943357,138317878160,138317943366
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.eweek.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 52ms
38ms Other
text/html 2a00:1450:4001:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:824::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 28ms
8ms Other
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 e135fda1-30ea-4b03-9420-07993c74ffc0 Show response
consumer.krxd.net/consent/get/ 225 B
424 B 84ms
64ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e135fda1-30ea-4b03-9420-07993c74ffc0?idt=device&dt=kxcookie&callback=Krux.ns.quinstreet.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 202acdb41bcb0d8f48ceb8868221ba4571040db07622c247a03f8b01b09cedcb

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4048-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1599675183.305372,VS0,VE30
content-length: 185
via: 1.1 varnish
x-cache-hits: 0, 1

GET
H2 200 e135fda1-30ea-4b03-9420-07993c74ffc0 Show response
consumer.krxd.net/consent/set/ 261 B
344 B 63ms
63ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/e135fda1-30ea-4b03-9420-07993c74ffc0?idt=device&dt=kxcookie&dc=0&al=0&tg=0&cd=0&sh=0&re=0&callback=Krux.ns.quinstreet.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 067bb1f73256dfa60510e643081f3d13981e82e5fda6d768da266dca400fc25e

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
age: 0, 0
x-served-by: consumer-a001-dub-prod.krxd.net, cache-hhn4048-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes, bytes, bytes
x-timer: S1599675183.309799,VS0,VE26
content-length: 221
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 11238 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 320 B
612 B 153ms
152ms Script
application/octet-stream 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/11238?t=202089202
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 56f7c16a284fa1becd116099585108dba842f55074f664a428a7897bb642a3f2

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: XEPHySaxq2nPcsYaQ2oInyiN3fAs4gxc
last-modified: Wed, 09 Sep 2020 18:03:01 GMT
server: AmazonS3
x-amz-request-id: 67F6CAC30366E969
etag: "8f847dafd3e1a8044a30970f3db1fef5"
content-type: application/octet-stream
status: 200
date: Wed, 09 Sep 2020 18:13:03 GMT
accept-ranges: bytes
content-length: 320
x-amz-id-2: Y/iTCNIJrUsarp6oNVf2nVEbIO+yalRE+hKqnVNDngWICz4WzNbMOAxVnhvUqe8XUlr9y1iITik=

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame 24FD 206 KB
56 KB 49ms
27ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 24FD 95 KB
29 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
DATA 200
OK truncated
/ Frame 24FD 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5c9180971e8baa7016d5b101d87d0259543ccc3a2ca1f05540070d1fad542316

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame B6DE 206 KB
56 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame B6DE 95 KB
29 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
DATA 200
OK truncated
/ Frame B6DE 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b24903088db5457e82e02bfaa7cd185e377dbbdab6419e320a536f9c3784088e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame AFF0 206 KB
56 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame AFF0 95 KB
29 KB 14ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
DATA 200
OK truncated
/ Frame AFF0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edbf66cce12217207b47a508a6532f0b250cbfa87f9df9f2e1a54a494ff3a2c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 5317847844547960297
tpc.googlesyndication.com/simgad/ Frame 24FD 176 KB
176 KB 63ms
48ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5317847844547960297

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56aa8a4ce27496c6e4a6eaac184f2d4208429b96266f95779ff08c421d16def8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 04:39:07 GMT
x-content-type-options: nosniff
age: 48836
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180075
x-xss-protection: 0
last-modified: Tue, 08 Sep 2020 16:10:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 04:39:07 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 24FD 0
159 B 66ms
65ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOTPKyhpuU_ZsM2fLn4OYzG93cEEL4G4XFHyVAd3YrvimMmVwIg5oCxFAF3p4ZlHJi4kcNa20YfINIyFkY0rqLDFEe4tJLEqtF_d39YW0VgKXZNxZ_VGWQIrameDjp8SJ73s9DVTkvXvCf453b5uSzgVuWJVm89HK4ASG5vGV49S22ZlBO76GjbGsj5rKpTEMcLPQUiDJYPyZEntrXGgcmeIevywoXFWRr3A3_uccPpLuSkbMBYR84c1Op2pVEEdVF2hehvAKypxXweQ&sai=AMfl-YQs3SW9ZhIKCmk0N9PevuL9jBfP5ESAYMDeL8XbaYzEyphbRMgeM7CMNdriKS__tqGd8H2Og70IZ_rFxvrYpyJDyEU7zSvXtiEmhjK-DkQ4D24guMuuEjIc1SN2MXij&sig=Cg0ArKJSzJQVpstO6c3dEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:03 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 24FD 0
0 15ms
13ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSM9A66G8ymEwPa5vLeEDgluzxnXUAox3fUE87fDSWrP45fYqvfouSaPZNFunnyMKTYCXLC
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 8830476422457666422
tpc.googlesyndication.com/simgad/ Frame B6DE 19 KB
19 KB 30ms
16ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8830476422457666422

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d2e35cfd53681e798d9104d268a05093cdacaf4dbf5350fc56e11778b9abd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 20:06:39 GMT
x-content-type-options: nosniff
age: 79584
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19305
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 20:06:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6DE 0
255 B 65ms
63ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvk05E2QdfG5sry62oiqk9J7od4T9RBlFHgTxf_wFuWG-C4DjC_yVbVyy3NO7T_kXP68NMLLASG4dMPGNhKsKnyKcJ9jd2Qw5hKU4pjpdw6wUjVwZykfdouhgK0qKkxo-LHPP-_lTMK1Te1hOrB-FtkeaKfGDFXjfh0wWOazuN5oGwIxu_aSfMsQ9JYNOpDtR9nx_S22Cw9P774OtuVo3RVtUnNxAEDt76BN3Ulk-xuonp83Y2910R6-2hJibIC2PPZLMJv0oI4tzVWEA&sai=AMfl-YRXfqiiZV9HnBvLTPDuY9AVHCCZQ4OG3xu4pzmLVvZX95n5UV-TlRMA812mU_JkRaqds-fMq9ztGYygxa0YuZkjcs4tQ-roaw6F3AmXWck5GvFi1D8JpJxm-XGOUSM2&sig=Cg0ArKJSzF5XrrzMc2e0EAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:03 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame B6DE 0
0 15ms
14ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzBYJjkRgiaNgV4AvOSdpNdOK9AN_LrmGGUsrjBq-gFly20LpaZb_H-a-YEAQziO2r_mh7
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 9821937224733526414
tpc.googlesyndication.com/simgad/ Frame AFF0 7 KB
7 KB 29ms
15ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9821937224733526414

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630eb3990531002971601a95ae393ca1ed281c472bb53863630954d695ff3234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 19:55:39 GMT
x-content-type-options: nosniff
age: 80244
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 19:55:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFF0 0
159 B 65ms
64ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMfNibO4bxkecRqio5Z2PEKdSuAcnZ8iixFPZgVgccISrg26XInmW_axukAgpCqjxwvMUX6unjbrcZQ0-YtwgjQUCOsqtUx1o7_v1qciN4pJuBhSKjIz_unu57mrSdCxnGFHLnPgzqLNaEtdeQ2FJKYsYXfLnOczskFazKjxKV0LLQrZrKlf-FJ4R3Z1I9UV91341Dap5Em1nltU3vsWZzSlXlle1QL1re9Q4JUkDr6j_yKBqfPfrkaE3unxSpOlTdSUkp4_hvHTQa&sai=AMfl-YT1EsTTzJixdccScAvS_o1KDsAu0MBss40JnfSEQExpAfp5AqMO-1mX-LOkKpHKTWpI5e2vaxXz7hyP5Jl8qBQsCM7rRzEHDJcNqmfOlnNwauwZEHjUt_Nv_zplzTsk&sig=Cg0ArKJSzFUKhBXf1GxNEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:03 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 120ms
120ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=335*3303&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012008242301000/ Frame 753B 206 KB
56 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57291
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fe153f75f3748e81"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012008242301000/v0/ Frame 753B 95 KB
29 KB 51ms
7ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012008242301000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 3086
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29201
x-xss-protection: 0
server: sffe
date: Wed, 09 Sep 2020 17:21:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "64b4eb13675b1bd5"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 17:21:37 GMT

GET
DATA 200
OK truncated
/ Frame 753B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17df069870d9d1bba0656b1e89855524e4bf6473683e2d9e8af46e81eac1cf1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 6556661269293946991
tpc.googlesyndication.com/simgad/ Frame 753B 21 KB
21 KB 50ms
49ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6556661269293946991

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8096e54fdaa2ccd4b3245f2a37f6543d7731a9b542ffbfa04593042d87b7cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 20:06:39 GMT
x-content-type-options: nosniff
age: 79584
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21105
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 20:06:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 753B 0
21 B 64ms
62ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0vbS_gtuLO3i1_nDkbk5fz-49VOgcrs28tGFsag0C_aaq0uVgMFVB6PFWX194szNZiwvXM1PniaZCuHU9Gf2IkDGrFDhypFZ5WZ9uh9HWPb4fSzWzuRFkEC5jQs3E8pGKNu1LPtIe1aE1wJzkCPZ6fQQcoWZQzgWeuVuJmxOhb7Y9I6qvADn-e_wLlIClVYr2yVHQCTRB05wJY5XArg7SaHcPJid00fbwju0rKNsDRMEKbtC65dkzPCQ5xmDiDm-GWO4Pn7sHsStx&sai=AMfl-YQ9lZK3epVOhf626Ijrif0Erpy7kVXooA0uVjswtWPeZTEtOrAIeugiMs5OmbIliRrIjfcCIqQ9ju-4S1ZapYl_aZj-BlxXZskfJIsgfNvBkf6BgrQEiB5dKeBHGh0I&sig=Cg0ArKJSzGOoFOktZVSZEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 753B 0
0 44ms
43ms Image
text/html 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWD9k7t-7xMa1nPiEsJN6_kYM59DpbELj_HBPX9LjTgxfwO8YPBljfJRg58P1awlkRDGIB
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 124ms
123ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=334*4;336*4&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

/
www.eweek.com/ntv-ce-sync/1086902825/
Redirect Chain

https://jadserve.postrelease.com/ce.gif?do=gci&fpd=www.eweek.com&ntv_it
https://www.eweek.com/ntv-ce-sync/1086902825/?id=429537eb-949a-4214-96f9-d9820d9d9d2c&o=0&s=1&do=syn

43 B
817 B

190ms
189ms

Image
image/gif

184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eweek.com/ntv-ce-sync/1086902825/?id=429537eb-949a-4214-96f9-d9820d9d9d2c&o=0&s=1&do=syn
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a184-30-212-44.deploy.static.akamaitechnologies.com
Software: cloudflare /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 0515ab4a630000d6c5a3aa4200000001
cf-cache-status: DYNAMIC
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 11:13:03 AM
content-length: 43
x-ntv-te: 133 c:0 a:0
pragma: no-cache
server: cloudflare
date: Wed, 09 Sep 2020 18:13:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5d02e18a3bd0d6c5-FRA
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
server: nginx/1.12.1
status: 302
location: https://www.eweek.com/ntv-ce-sync/1086902825/?id=429537eb-949a-4214-96f9-d9820d9d9d2c&o=0&s=1&do=syn
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

200

brandlift.php
www.facebook.com/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_7GD8k&cr=crv3966877&pc=b-11238-www.nativo.com&r=1599675183528
https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&plac...

67 B
888 B

179ms
168ms

Image
image/png

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200909&imp=1&h=049d6c002d&rnd=1599675183

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: Jm8StN24tmBByTaibkbabgxYCZGIURajJ3/nXF3AucCx/0NiP+BOm4o7IZo1gXoYfxJ03vBHTeLtXY21aaoxuA==
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Wed, 09 Sep 2020 18:13:03 GMT
strict-transport-security: max-age=15552000; preload
content-type: image/png
status: 200
cache-control: private, no-store, no-cache, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:03 GMT
via: 1.1 d331d277ec81e476ff09fa9d30df05d0.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: TXL52-C1
status: 302
location: https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200909&imp=1&h=049d6c002d&rnd=1599675183
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 4EUvTtzmCn4lMPtEOFVyxtOHYVlab2AuXHabOmHOSyw0nDOiXRc1QA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 9821937224733526414
tpc.googlesyndication.com/simgad/ Frame AFF0 7 KB
7 KB 6ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9821937224733526414

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630eb3990531002971601a95ae393ca1ed281c472bb53863630954d695ff3234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 19:55:39 GMT
x-content-type-options: nosniff
age: 80244
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 19:55:39 GMT

GET
H3-Q050 200 8830476422457666422
tpc.googlesyndication.com/simgad/ Frame B6DE 19 KB
19 KB 7ms
6ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8830476422457666422

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54d2e35cfd53681e798d9104d268a05093cdacaf4dbf5350fc56e11778b9abd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 20:06:39 GMT
x-content-type-options: nosniff
age: 79584
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19305
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 20:06:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AFF0 0
21 B 62ms
62ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTor4kBWAf9g61dYLCHWmsvbIHOXhdl9LmyXtK6MAX96qZsd-Y_JyjeT7bzgC62jAqhi8ZtQmUmF5GO1sPG9LDVDPrX8ZnKZp3Et66H8zdXi3yQjyLpZ0rTJhGDw8_Pwn2UqpmocYluEIccljXVC3pRxk0MT-kA-gDYE2y1A_GGHFKRDOKh3ex3uPa2_NymJe7RFQGykSgG6kyHHv_ceUZKNst2m4Ge6ujq0PEr0i5vIQB1H-NHN6obcL16uvsgxDB0kAuNh0UAivsaVA&sai=AMfl-YQWlQd25lNxojhBgpIBXPs07RYbkkilIo0S9O-Gz2SRAjlN9BoKYTJG9pKSbFv6gJ7l3PpQWfx5W8MAqRgLLLU67evlZTXtS4K1k2ov56DuhTEr_D09KaWxuV-hVTii&sig=Cg0ArKJSzOl6Jj5TwnVyEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame B6DE 0
21 B 60ms
60ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkSLcTJLHPPgjoAUlYYKcgCLM96fETk4nvH1ld-AG3bHv1ftxrevz9BGRYrfAGiK3FUit3kGuIxF2C__Zxn5fFLsAHXuJGtxQ_QazzN20ylOoyiL3iDwOIEXyj_Pskl_fypf9HVUbUmcJ_HyYaLYFYxBt9CNgnIbLwmRUxmHUPoWV9DLHk0S5YF85JpWgPZhTlMkvqfmn5Eu0ThdabLttSQ6Q-u0VGcujZ27ORiY-3c9_lVp2LzmBCMmW0YJyCSyLDdZkBTc5ufZ4bxU4o&sai=AMfl-YTQWDepxu3N-WUX8aMDmDaUPfkdUOruQ73N-TMoGbDjyWY9-oZq5p8gGp3qLJNXAxMUcuEHxF7S9Zf8SPi6ghZOixDIH82JMuEsFL7_C2T-6PBJu6Ibu0Dxpmn5I_54&sig=Cg0ArKJSzB4VniOSVnCsEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 5317847844547960297
tpc.googlesyndication.com/simgad/ Frame 24FD 176 KB
176 KB 8ms
7ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5317847844547960297

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56aa8a4ce27496c6e4a6eaac184f2d4208429b96266f95779ff08c421d16def8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 04:39:07 GMT
x-content-type-options: nosniff
age: 48836
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180075
x-xss-protection: 0
last-modified: Tue, 08 Sep 2020 16:10:27 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 09 Sep 2021 04:39:07 GMT

GET
H3-Q050 200 6556661269293946991
tpc.googlesyndication.com/simgad/ Frame 753B 21 KB
21 KB 8ms
8ms Image
image/png 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6556661269293946991

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8096e54fdaa2ccd4b3245f2a37f6543d7731a9b542ffbfa04593042d87b7cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 08 Sep 2020 20:06:39 GMT
x-content-type-options: nosniff
age: 79584
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21105
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:30 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Sep 2021 20:06:39 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 753B 0
21 B 62ms
62ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwRARa-BGbwvpuLxCtuh2sBAQ8ocysiJ_tTRBSVmbypdl7Q3UluP_CoChq5OTQr6DSYwQmVvv0u2fSruu2aPM1ImKgDA7ZaHVHRzbLKZYVMYzusIDL7L3n_DOaTjrIK4fRW0bFceA7mo5hxCEOmykzGXuxeILHKmvZvFb0qgByFKyO7MCQ2BVbCmJwM0cdvD1d6-nOJDX6gaVoqpJBFFLSENUo9z1z8g3hW-StpLS9IBC2fSRJ8tBRuciEFeS6w5AO5s7P5ayuEfTtElA&sai=AMfl-YQ00R6H-a9muMrnOBmZrw1enh7wyhIeW1yCaiUCDCdgjA77cjxReQevqoXVTJTj6mQioonVcQ7-0DW12w-CTvxRV_NyGkvARxcxQiR0jKD-86VZhTKX8dnvxgNEKKC0&sig=Cg0ArKJSzD8ZFcrYWYjwEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 24FD 0
21 B 62ms
62ms Image
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwQBGaXBikvRUWVyIYxQVmXSszmBA_WFkWKNC7lh8qQX1u6wo1u5_VO-uACL6VpUUx8JSFnt7Oo4o0nDeNAGd3k4_XixjZ7eB4yQtuW4-njtzhBC9jlJkrsyzaEtb9xnuq8SadVm93tIzj6DZ7JXofq-r1VkDnMGLXn1ZLGOdTSfPGW7W3m-89U3WXJzOVTlNBh8yp0hHUiHomJiIaynp6njCcxc8-PPjF_EBV2f52G3e8K_FtAtjkOvGDSxWBVtqvQRFgL8zebVJGgIHD&sai=AMfl-YQQuHv1lkq8i-7S9-TMbPnXOLi3QhUhG1X_hC2aPhGFiskCIo6KDhxmETNUJSki7T_woX0rUzdfRHUVX34plURkclQpIyvvq-bJbNsq8LMmbWwTfGMAkIrfIGNC7Lcu&sig=Cg0ArKJSzEQ5Tw6km9tsEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 icon_email_personalization.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
3 KB 29ms
28ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/icon_email_personalization.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

00214ae0d2c14c8e74484c9359a36fe5cf6b6d85c699df9d60283f1097a0a218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f7c0fee09ac2-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:42 AM
x-cache-hits: 18
content-length: 2371
cf-request-id: 0514792c9900009ac2dbb33200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 28213366 7504799
cache-control: public, max-age=576606
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 arrow_personalization.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 29ms
29ms Image
image/jpeg 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/arrow_personalization.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

34d87b5c55c884c6d98a650dd8cccb4345ffe7a762e24c72ca6559ec1cff81b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00f7c0fe7e0629-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:38:42 AM
x-cache-hits: 31
content-length: 1401
cf-request-id: 0514792c9900000629d3a50200000001
x-ntv-te: 15 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Wed, 09 Sep 2020 18:13:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 31785018 13205805
cache-control: public, max-age=576611
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 16 Sep 2020 10:23:14 GMT

GET
H2 200 Lato-Bold.ttf
www.eweek.com/cms/fonts/lato/ 111 KB
47 KB 30ms
29ms Font
application/x-font-ttf 184.30.212.44
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/lato/Lato-Bold.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.212.44 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a184-30-212-44.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

bf4ea0b5cecc6e6abe221559004b6910dfdf0296e1ff4664edae80b8ac61ae5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d00ef061a68177e-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/9/2020, 5:32:44 AM
date: Wed, 09 Sep 2020 18:13:03 GMT
content-length: 47819
cf-request-id: 051473b7ca0000177e911d4200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
etag: "1dbbc-5ada2d7504245-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 9765553
cache-control: public, max-age=576606
content-type: application/x-font-ttf
expires: Wed, 16 Sep 2020 10:23:09 GMT

GET
H2 200 blueconic.min.js Show response
tatestdrive.blueconic.net/frontend/static/javascript/blueconic/ 126 KB
38 KB 478ms
226ms Script
text/javascript 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

82bb5b0cf35374b4d02d75f64b53cbdb43cf5f3699b46e93e8320f3d6bab67e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 8cca1378cb51b0385c7dbdceed5396ce
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=600
content-type: text/javascript; charset=utf-8
content-length: 38432
x-xss-protection: 1; mode=block
expires: Wed, 09 Sep 2020 18:23:04 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
242 B 58ms
57ms Script
text/javascript 18.203.241.243
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.quinstreet.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-241-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e6e6fd6e7ed0ee7e6428ed9ff64f049cbcd0854ae6da91f8e29b909f029ac353

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Wed, 09 Sep 2020 18:13:03 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1599675183
content-type: text/javascript
x-served-by: beacon-n014-dub-prod.krxd.net

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 344 B
532 B 130ms
129ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=e135fda1-30ea-4b03-9420-07993c74ffc0&technographics=1&callback=Krux.ns.quinstreet.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ec02d9fae16043f3c62f289bffd11c68bbf29f3d975de262d092cdcdbf693fd

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
age: 0
x-cache: MISS, MISS
status: 200
x-age: 0
content-length: 268
x-served-by: userdata-a001-ash-prod.krxd.net, cache-hhn4066-HHN
x-timer: S1599675184.969006,VS0,VE98
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=1800
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
21ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020090201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d38678cfd7d8af353fdeac6170693d55b300cbb251d71483b03a0cc2e5fbc16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6383
x-xss-protection: 0

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 115ms
38ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 a-01eo.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 147ms
126ms Script
application/javascript 2a02:26f0:10c::5f64:c130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01eo.min.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c::5f64:c130 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: d18bcd5308dc4a2d3eb225f3ad10020070dca44f03a568324f66fe24007f41cb

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 11:35:56 GMT
etag: "ccf2cc1740af8428879ab2be34b19047"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3580
accept-ranges: bytes
content-length: 10390

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 12ms
8ms Script
application/x-javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
last-modified: Wed, 09-Sep-2020 18:13:03 GMT
etag: M0-2a172724
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: private, no-transform, max-age=604800
strict-transport-security: max-age=86400
content-length: 8060
expires: Wed, 16 Sep 2020 18:13:03 GMT

GET
H/1.1 200
OK utsync.ashx
ml314.com/ 43 B
517 B 48ms
46ms Image
image/gif 52.215.86.157
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50027&et=0&d=qnst041720171
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.86.157 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-86-157.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Sep 2020 18:13:03 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 10 Sep 2020 14:13:04 GMT

GET
H2

204

data.gif
beacon.krxd.net/
Redirect Chain

https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e
https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=164980103539001509444

0
336 B

58ms
57ms

Image
text/plain

18.203.241.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=164980103539001509444
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-241-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 09 Sep 2020 18:13:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1599675184
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n023-dub-prod.krxd.net

Redirect headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
server: AAWebServer
status: 302
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=164980103539001509444
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=17772711&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

43 B
1 KB

27ms
27ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 09 Sep 2020 18:13:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.115:80
AN-X-Request-Uuid: 6f06bf11-4824-4adf-92ef-63b5fb2331fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 09 Sep 2020 18:13:04 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.186:80
AN-X-Request-Uuid: 4731bec8-0e09-4c27-adff-88a3f66727ab
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020090201.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Wed, 09 Sep 2020 18:13:03 GMT

GET
H2 200 rules-p-vPn77x7pBG57Y.js Show response
rules.quantcount.com/ 3 B
356 B 175ms
127ms Script
application/x-javascript 2600:9000:20e8:8800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-vPn77x7pBG57Y.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:8800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:12:54 GMT
via: 1.1 fe14b43a6dfec5fc809a25185c7fce43.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 12
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: yHegNZuejWiZTWAuK_1VtDCJ2dHqGR59ifur0XmtPnArG9xMidy-YA==

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 8F95 0
0 6ms
6ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Wed, 09 Sep 2020 18:03:14 GMT
expires: Thu, 09 Sep 2021 18:03:14 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 590
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
5 KB 38ms
38ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:04 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Fri, 18 Dec 2020 18:13:04 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c::5f64:c130
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01eo.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c::5f64:c130 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 09:48:23 GMT
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-amz-meta-version: 0.2.0
content-type: application/javascript
status: 200
cache-control: max-age=1157
accept-ranges: bytes
content-length: 2374

GET
H/1.1 200
OK visitWebPage Show response
949-nym-063.mktoresp.com/webevents/ 2 B
311 B 531ms
110ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://949-nym-063.mktoresp.com/webevents/visitWebPage?_mchNc=1599675184133&_mchCn=&_mchId=949-NYM-063&_mchTk=_mch-eweek.com-1599675184132-59850&_mchHo=www.eweek.com&_mchPo=&_mchRu=%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Wed, 09 Sep 2020 18:13:04 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 081665eb-36a6-477b-a236-b62aaec78a99

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
165 B 41ms
40ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020090201&jk=774364470854979&bg=!srGlsalYGfeaGh-7dh4CAAAAaFIAAAAMCgE_KaGxSpSek44IuqYeN5ROErMNuhh3II-MEsRM2qP7oPo-5Qu3oae9LeXEB2wSO8FF3IP1Lc-sOXT7NzUzhrvZVQ4smyRbSuYPVwoXQ8ViJoknMPkuqk_i_VBbxTuwaPPPs6WVrjSFssuB0eovEodFKzfwocVLjSJu2T-ZhKcRnHxCpZc_7vazmyMcheAG4hw2vaL-s5L38c_oVS6DpGidZtc7vljGj8M-vPzasUxoYo6YmzQNQmhbSXyKb_UnXjvahx678uAX3b-qGW2iNVYHNA7wehQVhD3jREIt3IHKUfRJBUnIU2eP5Dgo0p4wEWnnMXmkzqvyh-tCFNmISlSvhvFzlv5hWkORqzapzE3LtCN_1xENnZcaDW9n_Sco4fozO9U7qOLHUdVCCtGeMmA-4dKPAkHVr3ZbrZJmQ4lR6JkBphRMbvUtrkEeV-eqaloFyfR7WaVhINDenLOTtJ0Z8RgqsJVkWk0_pqH9uoqflUiTOJ3kHKNY-pO0JhL7jlQufTez0wgrHbq-3sJCcEwvN9qq2-RxhhnA0HLwNSwpQ8Ezskx2bdOrzmUFZ6gwaFTrfZYoyfVRca-ItU9bhp5JLA7lh0GFeDtXHF1e1oFxIDwxGfhWg_Y9seGAOTSF8Bb0D82zvaVymCq2aM2dOSUCWIiXmoiAoHCfQ_U6wBpczChNsxvzmJTOXBRuRCZ5QElbFxu6tooMtj_7tbx4qONI3_F2OazX4DPqc8aEL9C2KAzbKEiBiA80gBd5rakRDdnvZLJ-84NXCGB_1oTA8DPHa9lM0R_G6nqvxxwU7ztCkud-pOtzv6KDktlleoGTgG0oym5Vvv2FHD65LXDZJShc1ywqaXjymJicJk-vQubHFuUfCOdBguQaUFO4EWpV1mjqA66bqjZtaKKjjJ0n9BzZ71MCsfolY-YR9JBLOtADLfgmuj4gEG3zheyUU9bwRgv6UqEjdCmVUCGVqXIIq459-HL8JvTgA7gV

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
336 B 58ms
58ms Image
text/plain 18.203.241.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=Jd-PsEKi&_kpid=e135fda1-30ea-4b03-9420-07993c74ffc0&_kcp_s=eweek.com&_kcp_d=www.eweek.com&_knifr=8&_kua_kx_tz=-120&geo_country=ch&geo_region=zh&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_tech_browser=Chrome%2083&_kua_kx_tech_manufacturer=Apple%20Inc.&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Mac%20OS%20X&_kua_kx_geo_country=ch&_kua_kx_geo_region=zh&_kua_kx_whistle=0&_kpa_kx_context_terms=Ji3pktCL%3A3%2CJi3pkYvl%3A1%2CJfmsB880%3A3%2CJi3pklTz%3A2%2CJi3pkrMv%3A2%2CJi3p_QCe%3A1%2CJi3pkmI4%3A1%2CJi3q7GV8%3A4%2CJfmsCRi8%3A1%2CJfmsCUyh%3A6%2CJi3pkUFw%3A1%2CJi3pkW0v%3A1%2CJi3p_aFW%3A1%2CJfmsB-Gk%3A1%2CJi3q3KPc%3A1%2CJi3pkpm1%3A7%2CJi3pkgr9%3A2%2CJi3pkU27%3A1&_kpa_keywords=attacks%2Ccompromised%2Ccritical%2Cinfrastructure%2Ccompanies%2Chacking%2Ctools%2Cmcafee%2Cnight%2Cdragon%2Ccyberattack%2Cunsophisticated%2Cbut%2Ceffective&_kpa_url_path_1=security&_kpa_url_path_2=mcafee-night-dragon-cyber-attack-unsophisticated-but-effective&_kpa_domain=eweek.com&_kpa_env=prod&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=6&t_content_ready=2671&t_window_load=3715&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=vjizedl26&userdata_user=NopGoKaA%2Cvjizedl26&sview=1&kplt0=44827&kplt1=30001&kplt2=36127&kplt3=36767&kplt4=45155&kplt5=19515&kplt6=19516&kplt7=19517&kplt8=19519&kplt9=19524&kplt10=19533&kplt11=19536&kplt12=19541&kplt13=19542&kplt14=19548&kplt15=19550&kplt16=19551&kplt17=19554&kplt18=19555&kplt19=19556&kplt20=19557&kplt21=19558&kplt22=19559&kplt23=19560&kplt24=30025&kplt25=40211&kplt26=41744&kplt27=44425&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe135fda1-30ea-4b03-9420-07993c74ffc0%2C104%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Fe135fda1-30ea-4b03-9420-07993c74ffc0%2C106%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C59%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C131
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.241.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-241-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Wed, 09 Sep 2020 18:13:04 GMT
cache-control: private, no-cache, no-store
x-request-time: D=86 t=1599675184
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n017-dub-prod.krxd.net

GET
H2 200 pixel;r=642310243;rf=0;a=p-vPn77x7pBG57Y;url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective;fpan=1;fpa=P0-418981855-1599675184181;ns=0;ce=1;...
pixel.quantserve.com/ 35 B
210 B 9ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=642310243;rf=0;a=p-vPn77x7pBG57Y;url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective;fpan=1;fpa=P0-418981855-1599675184181;ns=0;ce=1;qjs=1;qv=35f667c6-20200713111428;cm=;gdpr=0;ref=;d=eweek.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1599675184181;tzo=-120;ogl=locale.en_US%2Curl.https%3A%2F%2Fwww%252Eeweek%252Ecom%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-%2Ctitle.McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%2Cdescription.Researchers%20say%20%22Night%20Dragon%22%20was%20effective%20at%20targeting%20critical%20infrastructur%2Cimage.https%3A%2F%2Fwww%252Eeweek%252Ecom%2Fbundles%2Feweekbase%2Fimages%2Flogo_eweek%252Ejpg%2Cimage%3Awidth.157px%2Cimage%3Aheight.42px%2Ctype.article%2Csite_name.eWEEK%2Cupdated_time.2020-09-08%2015%3A51%3A10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
strict-transport-security: max-age=86400
content-type: image/gif
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czyp...
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czy...

43 B
500 B

462ms
123ms

Image
image/gif

3.213.73.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&se=e30&dtstmp=1599675184246&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.213.73.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-213-73-156.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
vary: Origin
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 845bc2b8fd780155
request-time: 1
content-length: 43
x-content-type-options: nosniff

Redirect headers

x-frame-options: DENY
date: Wed, 09 Sep 2020 18:13:04 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
status: 302
request-time: 0
location: https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&se=e30&dtstmp=1599675184246&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: ea7a89783b04af87
vary: Origin
content-length: 0
x-content-type-options: nosniff

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
339 B 120ms
120ms Image
image/gif 54.80.117.178
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=2845&ntv_r2=2845&ntv_r3=2845&ntv_r4=2845&ntv_pl=991393&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.117.178 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-80-117-178.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 15 KB
4 KB 125ms
125ms XHR
application/json 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=&bctempid=&overruleReferrer=&time=2020-09-09T20%3A13%3A04%2B02%3A00&ts=1599675184433

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

4ad706def412dedb7f74fc40d2382de1382a1bcbf72e5f8e96ea1a7d11521054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 3052
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 2d7f7728cf615e7d9c5a52182b49baeb Show response
tatestdrive.blueconic.net/plugin/plugin/ 37 KB
10 KB 125ms
125ms Script
text/javascript 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/plugin/plugin/2d7f7728cf615e7d9c5a52182b49baeb

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

a1ed70a156b6fb446289a7db193708b2f8328d3f521c87a29589c4ba6467b521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 2d7f7728cf615e7d9c5a52182b49baeb
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 9179
x-xss-protection: 1; mode=block
expires: Thu, 09 Sep 2021 18:13:04 GMT

GET
H2 200 529510cf39a401e2b1e85690f9586e65 Show response
tatestdrive.blueconic.net/plugin/library/ 221 KB
70 KB 128ms
128ms Script
text/javascript 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/plugin/library/529510cf39a401e2b1e85690f9586e65

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

7bc11e666c27496a16d383628b30962882e3d258c54602d4a8ccc7e31a3a8f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 529510cf39a401e2b1e85690f9586e65
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 71424
x-xss-protection: 1; mode=block
expires: Thu, 09 Sep 2021 18:13:04 GMT

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 1 KB
1 KB 228ms
228ms XHR
application/json 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=&bctempid=73ea7cb1-99ee-4b6e-944e-58a0134220a3&overruleReferrer=&time=2020-09-09T20%3A13%3A04%2B02%3A00&ts=1599675184694

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

2ed81a81e934c0c2fe6a197fc901862f973976b1c5d7027e1709bee6f308ccf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Sep 2020 18:13:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 606
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame AFF0 42 B
70 B 39ms
39ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2LY8KVtHp1TwK6PRn7gZXSjFa3J3-ps_5Yth9yb2dmM_SAezG3U4Vj4PzJEDjip0hn3kAzfX3m1AUFhCKSl-0cCGVZmaHSKBr87xPYjo&sig=Cg0ArKJSzA1yo5SS1D7REAE&id=ampim&o=436,155&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=128&tls=1129&g=100&h=100&tt=1129&r=v&avms=ampa&adk=2014856158

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 24FD 42 B
65 B 39ms
38ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0uVIzZyuuBf9YUOWxIbz_o91mH9Q0eqkDtu3mkAbjX2cwCJP806ilEYtVCn1ukzU0OYI1c1nT4MzQYjbGSxjWVRSeoX__4CRRhR9poXE&sig=Cg0ArKJSzJnAmmcD5MbjEAE&id=ampim&o=1096,331&d=300,600&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=110&tls=1110&g=100&h=100&tt=1110&r=v&avms=ampa&adk=1559789334

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 09 Sep 2020 18:13:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
848 B 126ms
126ms XHR
application/json 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=73ea7cb1-99ee-4b6e-944e-58a0134220a3&bctempid=&overruleReferrer=&time=2020-09-09T20%3A13%3A04%2B02%3A00&ts=1599675184952

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

6e2be48657ff1320d23b2ac096f9ae3ce5cc498eb0081a5772e6683fa5beaf51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Sep 2020 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 118
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set a-01eo
i.liadm.com/s/c/ Frame C515 0
0 505ms
129ms Document
text/html 54.164.237.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01eo?s=&cim=&ps=true&ls=true&duid=8b76a4d438d6--01eht14czypg9jmy7c2rg350w8&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.164.237.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-164-237-91.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=dcc5676f-0eda-455e-af54-2a79b1c9b32b
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 09 Sep 2020 18:13:05 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhDADTIFCAoQwA0yBQh6EL8NMgYIiwEQwA0yBQgLEMANMgUICxDADTIFCHkQvw0; Max-Age=2592000; Expires=Fri, 09 Oct 2020 18:13:05 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 635
Connection: keep-alive

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
835 B 287ms
286ms XHR
application/json 18.209.169.27
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=73ea7cb1-99ee-4b6e-944e-58a0134220a3&bctempid=&overruleReferrer=&time=2020-09-09T20%3A13%3A05%2B02%3A00&ts=1599675185148

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.209.169.27 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-209-169-27.compute-1.amazonaws.com

Software

- /

Resource Hash

1f6c4248cf61c6df138db32b8d31fa9aeba488863e1d7af4c95b5cc5215d374f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 09 Sep 2020 18:13:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 109
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krxd.net/	1970-01-19 16:40:27	Name: _kuid_ Value: NopGoKaA
.eweek.com/	1970-01-19 21:06:51	Name: ntv_as_syn Value: 1858875183
.eweek.com/	1970-01-19 21:06:51	Name: ntv_as_adb Value: 0
.eweek.com/	1970-01-19 12:22:41	Name: _gid Value: GA1.2.1076168283.1599675183
.eweek.com/	1970-01-20 05:52:27	Name: _ga Value: GA1.2.1414741429.1599675183
.eweek.com/security	1970-01-21 08:09:15	Name: ntv_ce_visitor Value: 053a5ab1-4053-49cf-b568-1d45dbd97b4a
.eweek.com/	1970-01-19 21:06:51	Name: ntv_ce_s2p Value: 1
.eweek.com/	1970-01-20 05:52:27	Name: __gads Value: ID=f585fe0a16836b14-229f05bfd3b80061:T=1599675183:S=ALNI_Mah2ZNh7gS4HGQJ2R6NTR8BdKnTJw
.www.eweek.com/	1970-01-19 13:04:27	Name: __cfduid Value: d7f98857063ba90a7e78313e9c7c3f5831599675180
.eweek.com/	1970-01-19 21:06:51	Name: ntv_as_status Value: 1
.eweek.com/	1970-01-19 21:06:51	Name: ntv_as_visitor Value: 429537eb-949a-4214-96f9-d9820d9d9d2c
.eweek.com/	1970-01-19 12:21:15	Name: _gat Value: 1
.eweek.com/	1970-01-19 21:06:51	Name: ntv_as_ver Value: 1
www.eweek.com/	1969-12-31 23:59:59	Name: DC Value: SFDC

28 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 77) Message: QS: DFP GPT Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 80) Message: QS: DFP Tag Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 84) Message: QS: Evidon Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 154) Message: QS: Krux Interchange Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 156) Message: QS: Krux Control Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 158) Message: QS: Krux Data Layer
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 160) Message: QS: Krux Consent Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 164) Message: QS: ML Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 168) Message: QS: GA Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 173) Message: QS: DFP Visibility code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 305) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 160) Message: SF DMP: Successfully set consent flags.
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
console-api	info	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 420) Message: Powered by AMP ⚡ HTML – Version 2008242301000 https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTor4kBWAf9g61dYLCHWmsvbIHOXhdl9LmyXtK6MAX96qZsd-Y_JyjeT7bzgC62jAqhi8ZtQmUmF5GO1sPG9LDVDPrX8ZnKZp3Et66H8zdXi3yQjyLpZ0rTJhGDw8_Pwn2UqpmocYluEIccljXVC3pRxk0MT-kA-gDYE2y1A_GGHFKRDOKh3ex3uPa2_NymJe7RFQGykSgG6kyHHv_ceUZKNst2m4Ge6ujq0PEr0i5vIQB1H-NHN6obcL16uvsgxDB0kAuNh0UAivsaVA&sai=AMfl-YQWlQd25lNxojhBgpIBXPs07RYbkkilIo0S9O-Gz2SRAjlN9BoKYTJG9pKSbFv6gJ7l3PpQWfx5W8MAqRgLLLU67evlZTXtS4K1k2ov56DuhTEr_D09KaWxuV-hVTii&sig=Cg0ArKJSzOl6Jj5TwnVyEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvkSLcTJLHPPgjoAUlYYKcgCLM96fETk4nvH1ld-AG3bHv1ftxrevz9BGRYrfAGiK3FUit3kGuIxF2C__Zxn5fFLsAHXuJGtxQ_QazzN20ylOoyiL3iDwOIEXyj_Pskl_fypf9HVUbUmcJ_HyYaLYFYxBt9CNgnIbLwmRUxmHUPoWV9DLHk0S5YF85JpWgPZhTlMkvqfmn5Eu0ThdabLttSQ6Q-u0VGcujZ27ORiY-3c9_lVp2LzmBCMmW0YJyCSyLDdZkBTc5ufZ4bxU4o&sai=AMfl-YTQWDepxu3N-WUX8aMDmDaUPfkdUOruQ73N-TMoGbDjyWY9-oZq5p8gGp3qLJNXAxMUcuEHxF7S9Zf8SPi6ghZOixDIH82JMuEsFL7_C2T-6PBJu6Ibu0Dxpmn5I_54&sig=Cg0ArKJSzB4VniOSVnCsEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwRARa-BGbwvpuLxCtuh2sBAQ8ocysiJ_tTRBSVmbypdl7Q3UluP_CoChq5OTQr6DSYwQmVvv0u2fSruu2aPM1ImKgDA7ZaHVHRzbLKZYVMYzusIDL7L3n_DOaTjrIK4fRW0bFceA7mo5hxCEOmykzGXuxeILHKmvZvFb0qgByFKyO7MCQ2BVbCmJwM0cdvD1d6-nOJDX6gaVoqpJBFFLSENUo9z1z8g3hW-StpLS9IBC2fSRJ8tBRuciEFeS6w5AO5s7P5ayuEfTtElA&sai=AMfl-YQ00R6H-a9muMrnOBmZrw1enh7wyhIeW1yCaiUCDCdgjA77cjxReQevqoXVTJTj6mQioonVcQ7-0DW12w-CTvxRV_NyGkvARxcxQiR0jKD-86VZhTKX8dnvxgNEKKC0&sig=Cg0ArKJSzD8ZFcrYWYjwEAE&adurl=
console-api	warning	URL: https://cdn.ampproject.org/rtv/012008242301000/amp4ads-v0.js(Line 21) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstwQBGaXBikvRUWVyIYxQVmXSszmBA_WFkWKNC7lh8qQX1u6wo1u5_VO-uACL6VpUUx8JSFnt7Oo4o0nDeNAGd3k4_XixjZ7eB4yQtuW4-njtzhBC9jlJkrsyzaEtb9xnuq8SadVm93tIzj6DZ7JXofq-r1VkDnMGLXn1ZLGOdTSfPGW7W3m-89U3WXJzOVTlNBh8yp0hHUiHomJiIaynp6njCcxc8-PPjF_EBV2f52G3e8K_FtAtjkOvGDSxWBVtqvQRFgL8zebVJGgIHD&sai=AMfl-YQQuHv1lkq8i-7S9-TMbPnXOLi3QhUhG1X_hC2aPhGFiskCIo6KDhxmETNUJSki7T_woX0rUzdfRHUVX34plURkclQpIyvvq-bJbNsq8LMmbWwTfGMAkIrfIGNC7Lcu&sig=Cg0ArKJSzEQ5Tw6km9tsEAE&adurl=
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 305) Message: QS: Checking for consent data
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 949-NYM-063 [object Object]
console-api	log	URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js(Line 132) Message: [BC]Item will not be scraped due to missing publication date
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 305) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 305) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 305) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 352) Message: QS: Consent data is not ready - moving on
console-api	log	URL: https://www.eweek.com/cms/js/a2e6745.js(Line 4163) Message: [object Object]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f904dc2fa13ef941cbb1a42431e0f51.safeframe.googlesyndication.com
949-nym-063.mktoresp.com
aa.agkn.com
addevent.com
adservice.google.ch
adservice.google.com
b-code.liadm.com
beacon.krxd.net
c.evidon.com
cdn.ampproject.org
cdn.krxd.net
consumer.krxd.net
cse.google.com
eweekcom.api.oneall.com
fonts.googleapis.com
i.liadm.com
jadserve.postrelease.com
l.evidon.com
ml314.com
munchkin.marketo.net
ntvaim-a.akamaized.net
ntvcld-a.akamaihd.net
pagead2.googlesyndication.com
pixel.quantserve.com
platform.twitter.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s-jsonp.moatads.com
s.ntv.io
secure-gl.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tatestdrive.blueconic.net
tpc.googlesyndication.com
www.eweek.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
z.moatads.com
104.111.250.210
108.128.194.224
136.243.63.184
151.101.114.133
18.203.241.243
18.209.169.27
184.30.212.44
192.28.144.124
2.16.186.73
2.16.186.99
216.58.206.2
23.210.250.13
23.210.250.213
2600:1f18:730:b150:e012:d004:2b3d:e4f0
2600:9000:20e8:8800:6:44e3:f8c0:93a1
2600:9000:20e8:8a00:1e:a43d:b640:93a1
2606:2800:234:46c:e8b:1e2f:2bd:694
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:814::2004
2a00:1450:4001:81a::2003
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::200e
2a00:1450:4001:824::2001
2a00:1450:4001:824::200e
2a00:1450:4001:825::2002
2a00:1450:4001:825::200e
2a00:1450:400c:c06::9d
2a02:26f0:10c::5f64:c130
2a03:2880:f11c:8183:face:b00c:0:25de
3.213.73.156
37.252.172.45
52.207.113.77
52.215.86.157
52.29.85.133
54.164.237.91
54.80.117.178
95.100.73.104
00214ae0d2c14c8e74484c9359a36fe5cf6b6d85c699df9d60283f1097a0a218
0045a3acad18d7644c8213b8d216105742a9de3cda88591ba6ad9830d7ff12fe
00fbbf02843b7473985e1e6bcc6cfa185b3783b439a9af450c7e4742ccc6fcc7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
067bb1f73256dfa60510e643081f3d13981e82e5fda6d768da266dca400fc25e
06aabc2e68363052a34bb066da80dbd7b971e3da6cb54306eff4033a7fba9c72
07699c8e69a547fc8a508829645a838351cb2d5112d44d4a4c0bf871bfcda515
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0ba60b364311c5c38c0327e2636f40ba1e58664b789149ab0c0c7ad497b312f3
0f475f2c1e33b6687e0290f71d52b26514eab518040333b3448403b3785e6b5a
13240733abae488bfc9dc3beebd5dbf9492566e11b17d9345077a8fead8caeee
17df069870d9d1bba0656b1e89855524e4bf6473683e2d9e8af46e81eac1cf1a
1ecc528c7da2e95c3e5c1b0404fd4c43c5197c65db42e943a12319161cba038d
1f6c4248cf61c6df138db32b8d31fa9aeba488863e1d7af4c95b5cc5215d374f
1fbd06d98ff87713eb030669571c929ab75539f05252f04ae1df807c28b20e95
202acdb41bcb0d8f48ceb8868221ba4571040db07622c247a03f8b01b09cedcb
20396e53e3dc6d8ca49a9e4e12d1d1b129ab87dbf63ecd85aad42366035f755d
28e654205749c77ca7c0892a49a8a74e9d0c58629c2184285d140341e1247944
2ed81a81e934c0c2fe6a197fc901862f973976b1c5d7027e1709bee6f308ccf9
2f5612464becb086f617f071035c72675b665fbd6aa6e747d99ddb42fe08102d
31f991334889e4bbcf622f2b94d5f6944e0b53fbcaa81c527b7d8a5043cefc39
34d87b5c55c884c6d98a650dd8cccb4345ffe7a762e24c72ca6559ec1cff81b3
3ff72c09eecff5421533f303d073d22bf8e3815783a6a2012abad5d11eb3d0d7
4077cb19b67aedd5a226e7ea3be91669631a13660397e81dc5e4834b3ac440a3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
47aae8e75b6d9f0bd2ae91349ca5e3a9524d7f31479243938c9bce75393bfdf9
4ad706def412dedb7f74fc40d2382de1382a1bcbf72e5f8e96ea1a7d11521054
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da45860301b5bb97d26302e800fa1c675f71218786e42e53e6ebbf304cd15ef
51ebe194bf92c15116362972601f79154294a4e9bfcdac5c60b293002fc02ad2
54d2e35cfd53681e798d9104d268a05093cdacaf4dbf5350fc56e11778b9abd5
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56aa8a4ce27496c6e4a6eaac184f2d4208429b96266f95779ff08c421d16def8
56f7c16a284fa1becd116099585108dba842f55074f664a428a7897bb642a3f2
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59c6c43d90eb9974f95bb085ed07e51c62235274f1070b125213d32f062b9456
5c9180971e8baa7016d5b101d87d0259543ccc3a2ca1f05540070d1fad542316
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
6135092bdc3632a769ce90dda6ba2e96865dc27f0705f22b533aebd8495bb954
630eb3990531002971601a95ae393ca1ed281c472bb53863630954d695ff3234
659877c31966dec662ceccd15e1c68c4aff8e07bc6936f53081656c7a11725da
6a44177bda35e038921d6af62d36355ce647c82e0185487e5427b187fd7f7f04
6d38678cfd7d8af353fdeac6170693d55b300cbb251d71483b03a0cc2e5fbc16
6e2be48657ff1320d23b2ac096f9ae3ce5cc498eb0081a5772e6683fa5beaf51
6fa9fdd6f8641bfe232255949322b59f913230c64aedb9415f3738d5c992287f
73575a61aac2526dde9164663374aaf9c3e6b036803ed35df5bed50ff8aae2e0
759fe12bfce5cbe3d40aed33cd34322d8dd3fdfd1cb4f10a1005b19684e8cf8f
774f49ed7464c8fbc90f12764f881cfbf6f08d3429f06d9d883d69684711be18
7b560babdb3767b37ab12fcdb90131f02f701475c64ebf941b4a9874e39ba893
7bc11e666c27496a16d383628b30962882e3d258c54602d4a8ccc7e31a3a8f4a
7c47b51ce2d8e956638385c19f03f09648e326e0d4c892bcf395b762f6f5cf19
7e9190d607f09f91f8fa02bbece2164eecc173cc915b7beb326b924831c17229
8130c2c72afad9d94581ef93aaa00524093103c47c71fce52f606d5ff693c3ce
82bb5b0cf35374b4d02d75f64b53cbdb43cf5f3699b46e93e8320f3d6bab67e1
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85331ab178d1a22dff3cfbcca705f7385ba04c64297cd072ed8bcd32be0ae809
8650b44af3a92cd792be66e147c9912c594ef53c8f2e9725e9d36c4f489826b7
8a94aedff5853b3c57bda813b33ac9d93234ab0ffc5baf5bcd90e3a085285454
8ea510facb5e675b142cd3d087a6f74194db466ed4030f0d4209c58c3d902182
8f7538d138e8880adf91b22309de2542c8779d3a77db830606b56c7f1a7b9591
9ec02d9fae16043f3c62f289bffd11c68bbf29f3d975de262d092cdcdbf693fd
9f2e3c4567404e3232eba929de1712e81e719866a86ba8ff3a6e6642b0038283
9f31a3904b1a7dd795a179176a46d020e3f64cc6c11c006621dbdda761af4b21
9f3ec013f50507b977e6a1529d85d410e7f116e2a514f63851c5a1ed43bdbc3d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0b8d5f925cb1ad83c665488cf3d59c2b4acf9f0ec9f277db2441ca69d3900b0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ed70a156b6fb446289a7db193708b2f8328d3f521c87a29589c4ba6467b521
a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
a97213d63d7f4864ebcd32ef9d3ebdb0d3bd2413f82172d3865b8fe4293a0169
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad7de7ea27997bcc80fa05b8d39603a51ad4b86ae222074e6f58728a665c061c
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
b08c92f2985a2cf85e942b566af89d0738cb22e14d0db5ddbefd6c4034a169e8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24903088db5457e82e02bfaa7cd185e377dbbdab6419e320a536f9c3784088e
b453dd4c24a09c8248cdb635054991edc242430caa3b8969d40c4e31044417f9
b4e8f2d73294065f2c0e54cb17bcba8bf7440408b804f9052ac03c0ff9adb398
b61d7ce88dbb1335d8f4f403de85aae5b66bef71d9377978f59d2f176b8dc66f
b932f950e0fd256ebbb033d1bb8c8083a1430c4f5c3803188fd1663febb03201
ba7aa3f06edc17169cb0c6a4aad2eeab13cdad5a1cc6867a47d3cba6de6bc363
bf4ea0b5cecc6e6abe221559004b6910dfdf0296e1ff4664edae80b8ac61ae5c
c5cfc11666e63c3f177c9cce0d70f4ffa77a7cf7e417647b48c2bb0ac6326f1c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd5957cb688ef7b514e3556880a582b9e6488e4945ad601cd4af5d5484715664
ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9
d0109a226b4def4583eb68fbbac17e52bf881218cd9b0ef70415fe76739ecb4c
d18bcd5308dc4a2d3eb225f3ad10020070dca44f03a568324f66fe24007f41cb
d429e18a60775afd101e216069441c1dd97cdb28a0bcb73fee92ebeea38f2f2b
d5a08348c1e08dbd9917320b04e278317938e10c9a3f92ee33b89adee147a425
da2a886af209510dc91dcf9567dba3c2bf1e39c7891346419f11e513823594cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e3b381f9da22cbdb016fd658f887133fdc4ee68f84b2fb3ec71bb0454067ca
e6e6fd6e7ed0ee7e6428ed9ff64f049cbcd0854ae6da91f8e29b909f029ac353
e757953a1fdf109e10ae7a38bf78632a0010e7ce1f2805e159f44d847de719fb
e8096e54fdaa2ccd4b3245f2a37f6543d7731a9b542ffbfa04593042d87b7cdb
edbf66cce12217207b47a508a6532f0b250cbfa87f9df9f2e1a54a494ff3a2c6
ee8c9350f2dc014c1df691ec938fef7918710173eaeee6ecdc82443d3d1bd9a3
eede7b7303beabc2bd639da847d964f1d76fe29427796e5546f9a8d4208e6e8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8ac77d0c47d6b70130e96f0d6e87969ad5f2c5aea4f15fa0ea647fc7ed9813a
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a
fe062ce2bf1afc0966528f8f37d2c3346641b7810f5b47fb48fcbaef6bf3df6c
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe2705203130628a9261d211b97911d2431500a8486e4f461da2403366db31b3

www.eweek.com Open in urlscan Pro 184.30.212.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

160 Requests

98 %HTTPS

49 %IPv6

30 Domains

43 Subdomains

37 IPs

6 Countries

2854 kBTransfer

6233 kBSize

14 Cookies

18 Outgoing links

Page URL History

Redirected requests

160 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eweek.com Open in urlscan Pro
184.30.212.44 Public Scan

Screenshot
Live screenshot

Full Image

160
Requests

98 %
HTTPS

49 %
IPv6

30
Domains

43
Subdomains

37
IPs

6
Countries

2854 kB
Transfer

6233 kB
Size

14
Cookies

160 HTTP transactions
0 data transactions