www.infosecurity-magazine.com Open in urlscan Pro
212.70.65.105 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Submission: On October 21 via api (October 21st 2019, 9:43:03 am UTC) from CH

Summary HTTP 88 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 19 domains to perform 88 HTTP transactions. The main IP is 212.70.65.105, located in United Kingdom and belongs to INTUITIV-AS Intuitiv Autonomous System, GB. The main domain is www.infosecurity-magazine.com.
TLS certificate: Issued by Thawte RSA CA 2018 on August 5th 2019. Valid for: 2 years.

This is the only time www.infosecurity-magazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	212.70.65.105 212.70.65.105	16174 (INTUITIV-...) (INTUITIV-AS Intuitiv Autonomous System)
2	2a00:1450:400... 2a00:1450:4001:821::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
14	212.70.65.106 212.70.65.106	16174 (INTUITIV-...) (INTUITIV-AS Intuitiv Autonomous System)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	212.70.65.107 212.70.65.107	16174 (INTUITIV-...) (INTUITIV-AS Intuitiv Autonomous System)
3	2.18.232.15 2.18.232.15	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
5	2a00:1450:400... 2a00:1450:4001:825::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2 6	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81e::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:814::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
6	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:20:... 2606:4700:20::6819:f763	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
4	3.222.178.2 3.222.178.2	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
1	13.224.196.58 13.224.196.58	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY - Fastly)
5	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2606:4700::68... 2606:4700::6810:4da6	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY - Fastly)
7	2a00:1450:400... 2a00:1450:4001:821::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2404:6800:400... 2404:6800:4005:811::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
2 2	63.34.164.219 63.34.164.219	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	34.231.125.84 34.231.125.84	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
88	29

7 212.70.65.105 (United Kingdom)

ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB)
PTR: www.infosec.intuitiv.net

www.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 212.70.65.106 (United Kingdom)

ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB)
PTR: res.infosec.intuitiv.net

res.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.70.65.107 (United Kingdom)

ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB)
PTR: assets.infosecurity.intuitiv.net

assets.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.232.15 (Ascension Island)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-232-15.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.23.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::6819:f763 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdn.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.222.178.2 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-3-222-178-2.compute-1.amazonaws.com

polo.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.196.58 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-58.fra2.r.cloudfront.net

marco.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)

infosecuritymagazine.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:4da6 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.134 (United States)

ASN54113 (FASTLY - Fastly, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:821::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4005:811::2003 (Australia)

ASN15169 (GOOGLE - Google LLC, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.164.219 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-34-164-219.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.125.84 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-231-125-84.compute-1.amazonaws.com

polo-v1.feathr.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	infosecurity-magazine.com www.infosecurity-magazine.com res.infosecurity-magazine.com assets.infosecurity-magazine.com	633 KB
10	google.com 2 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	159 KB
8	gstatic.com fonts.gstatic.com csi.gstatic.com	51 KB
7	ampproject.org cdn.ampproject.org	331 KB
7	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	267 KB
7	feathr.co cdn.feathr.co polo.feathr.co marco.feathr.co polo-v1.feathr.co	37 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net	90 KB
3	disquscdn.com c.disquscdn.com	217 KB
3	disqus.com infosecuritymagazine.disqus.com disqus.com	24 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	adsrvr.org 2 redirects match.adsrvr.org	930 B
2	facebook.com www.facebook.com	247 B
2	facebook.net connect.facebook.net	87 KB
2	google.de adservice.google.de www.google.de	280 B
2	google-analytics.com www.google-analytics.com	18 KB
2	addthis.com s7.addthis.com	189 KB
1	addthisedge.com v1.addthisedge.com	506 B
1	googletagservices.com www.googletagservices.com	15 KB
1	googletagmanager.com www.googletagmanager.com	21 KB
88	19

	Domain	Requested by
14	res.infosecurity-magazine.com	www.infosecurity-magazine.com
7	cdn.ampproject.org	securepubads.g.doubleclick.net
7	www.infosecurity-magazine.com	www.infosecurity-magazine.com ajax.googleapis.com
6	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.infosecurity-magazine.com
6	www.google.com	2 redirects cse.google.com www.infosecurity-magazine.com
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.infosecurity-magazine.com cdn.ampproject.org
5	fonts.gstatic.com	res.infosecurity-magazine.com www.infosecurity-magazine.com ajax.googleapis.com
4	polo.feathr.co	cdn.feathr.co www.infosecurity-magazine.com
3	csi.gstatic.com	cdn.ampproject.org
3	c.disquscdn.com	infosecuritymagazine.disqus.com
2	pagead2.googlesyndication.com
2	match.adsrvr.org	2 redirects
2	disqus.com	infosecuritymagazine.disqus.com
2	www.facebook.com	www.infosecurity-magazine.com connect.facebook.net
2	connect.facebook.net	www.infosecurity-magazine.com connect.facebook.net
2	www.google-analytics.com	www.infosecurity-magazine.com
2	cse.google.com	www.infosecurity-magazine.com www.google.com
2	s7.addthis.com	www.infosecurity-magazine.com s7.addthis.com
2	assets.infosecurity-magazine.com	www.infosecurity-magazine.com
2	fonts.googleapis.com	www.infosecurity-magazine.com
1	polo-v1.feathr.co	www.infosecurity-magazine.com
1	clients1.google.com	www.infosecurity-magazine.com
1	infosecuritymagazine.disqus.com	www.infosecurity-magazine.com
1	marco.feathr.co	www.infosecurity-magazine.com
1	v1.addthisedge.com	s7.addthis.com
1	www.google.de	www.infosecurity-magazine.com
1	stats.g.doubleclick.net	1 redirects
1	cdn.feathr.co	www.infosecurity-magazine.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	www.googletagservices.com	www.infosecurity-magazine.com
1	www.googletagmanager.com	www.infosecurity-magazine.com
1	ajax.googleapis.com	www.infosecurity-magazine.com
88	33

This site contains links to these domains. Also see Links.

Domain
www.infosecurityeurope.com
www.infosecurityleadersnetwork.com
www.infosecuritynorthamerica.com
www.infosecurity.nl
www.infosecurity.be
www.infosecurityrussia.ru
www.infosecuritymexico.com
www.infosecurityme.com
www.facebook.com
twitter.com
www.linkedin.com
mediatrust.com
www.infosec.co.uk
www.intuitiv.net
www.relx.com

Subject Issuer	Validity	Valid
*.infosecurity-magazine.com Thawte RSA CA 2018	`2019-08-05` - `2021-10-03`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2019-10-10` - `2020-09-04`	a year	crt.sh
*.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ssl379779.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-18` - `2020-03-26`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-09-22` - `2019-12-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
polo.feathr.co Let's Encrypt Authority X3	`2019-10-16` - `2020-01-14`	3 months	crt.sh
marco.feathr.co Amazon	`2019-09-20` - `2020-10-20`	a year	crt.sh
www.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2018-03-28` - `2020-04-27`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
ssl565697.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-25` - `2020-03-02`	6 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2019-10-03` - `2019-12-26`	3 months	crt.sh
polo-v1.feathr.co Let's Encrypt Authority X3	`2019-10-16` - `2020-01-14`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Frame ID: 598269CAC1B9ACED8643E8099A6A81F8
Requests: 68 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js
Frame ID: 4C85ECEBC2A7C309946C4424E2F4636A
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js
Frame ID: 1A156E0581A96F5827F667AA10926110
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js
Frame ID: F6108CDA82502317494A1DCB5AD54A0D
Requests: 6 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Publishers%20Targeted%20by%20GhostCat%20Malware%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Publishers%20Targeted%20by%20GhostCat%20Malware%20&s_o=default
Frame ID: BEC53B208065985D7395E79527D702DA
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: AD5F99DAD7194E58F25555DA118E30C6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

88
Requests

100 %
HTTPS

63 %
IPv6

19
Domains

33
Subdomains

29
IPs

7
Countries

2171 kB
Transfer

4401 kB
Size

11
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: http://www.infosecurityeurope.com/
Title: Infosecurity Europe

Search URL Search Domain Scan URL

URL: http://www.infosecurityleadersnetwork.com/en/Leadership-Summit1/
Title: Infosecurity Leadership Summit

Search URL Search Domain Scan URL

URL: http://www.infosecuritynorthamerica.com/
Title: Infosecurity North America

Search URL Search Domain Scan URL

URL: http://www.infosecurity.nl/
Title: Infosecurity Netherlands

Search URL Search Domain Scan URL

URL: http://www.infosecurity.be/
Title: Infosecurity Belgium

Search URL Search Domain Scan URL

URL: http://www.infosecurityrussia.ru/
Title: Infosecurity Russia

Search URL Search Domain Scan URL

URL: http://www.infosecuritymexico.com/
Title: Infosecurity Mexico

Search URL Search Domain Scan URL

URL: http://www.infosecurityme.com/
Title: Infosecurity Middle East

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Infosecurity-Magazine/210560332330063

Search URL Search Domain Scan URL

URL: https://twitter.com/InfosecurityMag

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?gid=2035794&trk=myg_ugrp_ovr

Search URL Search Domain Scan URL

URL: https://mediatrust.com/
Title: The Media Trust

Search URL Search Domain Scan URL

URL: https://mediatrust.com/sites/default/files/2019-10/Incident%20Analysis%20-%20GhostCat-3PC.pdf
Title: report

Search URL Search Domain Scan URL

URL: http://www.infosec.co.uk/en/about/infosecurity-group/

Search URL Search Domain Scan URL

URL: https://www.intuitiv.net/website-design-and-development-services
Title: Intuitiv Custom Websites

Search URL Search Domain Scan URL

URL: https://www.relx.com/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 21

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o HTTP 302
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Request Chain 37

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&gjid=251694603&_gid=907343291.1571650967&_u=KGBAgAAD~&z=1191101857 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857&slf_rd=1&random=1507443511

Request Chain 83

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5dad7d96b80f9f000147290b&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5dad7d96b80f9f000147290b&gdpr=0 HTTP 302
https://polo-v1.feathr.co/v1/analytics/match?f_id=5dad7d96b80f9f000147290b&ttd_id=ce6a0018-b6db-4b47-82c3-cf7972711f02

88 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set publishers-targeted-by-ghostcat Show response
www.infosecurity-magazine.com/news/ 53 KB
54 KB 2616ms
2575ms Document
text/html 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

c2e880a34c480b86b1a54eb9ac99e03b37d0f16955f546a1d73f49fb9699d635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.infosecurity-magazine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: none
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Server: Reed Exhibitions
Set-Cookie: ASP.NET_SessionId=uky444gbonqr5qb0312b4d2l; path=/; HttpOnly
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Date: Mon, 21 Oct 2019 09:42:45 GMT
Content-Length: 54744

GET
H2 200 css
fonts.googleapis.com/ 7 KB
838 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

24bcb9d7c9d9c12aa4c8c66c474eb8fc4d0733de305740f1fc1e7262864663e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 09:42:46 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 09:42:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
389 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:821::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Mon, 21 Oct 2019 09:42:46 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Mon, 21 Oct 2019 09:42:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

GET
H/1.1 200
OK base.css
res.infosecurity-magazine.com/css-0012/ 22 KB
5 KB 161ms
160ms Stylesheet
text/css 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/base.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

dadbe96852853088c4e5f54a55e19d0da5390f641bdc9b8c68dc388cb17ac49d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:06 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/css; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 4622
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK colour-codes.css
res.infosecurity-magazine.com/css-0012/ 11 KB
2 KB 64ms
64ms Stylesheet
text/css 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/colour-codes.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:04 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/css; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 1354
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK article.css
res.infosecurity-magazine.com/css-0012/ 12 KB
3 KB 114ms
113ms Stylesheet
text/css 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/article.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:07 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/css; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 2775
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK whats-hot.css
res.infosecurity-magazine.com/css-0012/ 3 KB
1 KB 34ms
33ms Stylesheet
text/css 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/whats-hot.css

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:07 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/css; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 834
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 11 Oct 2019 13:44:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 849508
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Oct 2020 13:44:18 GMT

GET
H/1.1 200
OK modernizr.js Show response
res.infosecurity-magazine.com/js-0012/ 2 KB
2 KB 29ms
29ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/modernizr.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:19 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 1259
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK infosecurity-group.svg
www.infosecurity-magazine.com/_common/img/ 4 KB
5 KB 21ms
20ms Image
image/svg+xml 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/infosecurity-group.svg

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:16 GMT
Server: Reed Exhibitions
ETag: "5178600cf58d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Date: Mon, 21 Oct 2019 09:42:45 GMT
Accept-Ranges: bytes
Content-Length: 4256
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK 678f01b3-fa16-42c3-a706-7f8cfca8458c.jpg
assets.infosecurity-magazine.com/profile/thumb/ 3 KB
4 KB 31ms
30ms Image
image/jpeg 212.70.65.107
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/profile/thumb/678f01b3-fa16-42c3-a706-7f8cfca8458c.jpg

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.107 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

assets.infosecurity.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

64c7855edeba655dab8128c9328f513e58ae09d7c70ee0dc567bf03a60ff3e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 3210
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Wed, 21 Aug 2019 07:58:57 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: Accept-encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2764800
ETag: "LSZdA41Y7O8156ryD3ta0Fm8BlunrB/HsZWj7AbzAp4="
Link: <http://assets.infosecurity-magazine.com/profile/original/678f01b3-fa16-42c3-a706-7f8cfca8458c.jpg>; rel="canonical"
Expires: Fri, 22 Nov 2019 10:42:46 GMT

GET
H/1.1 200
OK relx-logo-2019.png
www.infosecurity-magazine.com/_common/img/ 10 KB
11 KB 21ms
20ms Image
image/png 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/relx-logo-2019.png

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:13 GMT
Server: Reed Exhibitions
ETag: "51b4c2fece58d51:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Date: Mon, 21 Oct 2019 09:42:46 GMT
Accept-Ranges: bytes
Content-Length: 10549
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK underscore.min.js Show response
res.infosecurity-magazine.com/js-0012/ 15 KB
5 KB 59ms
59ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/underscore.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:19 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 5124
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK unveil.js Show response
res.infosecurity-magazine.com/js-0012/ 603 B
854 B 24ms
24ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/unveil.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:19 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 366
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK ticker.min.js Show response
res.infosecurity-magazine.com/js-0012/ 3 KB
2 KB 26ms
26ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ticker.min.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:19 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 1108
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK tracking.js Show response
res.infosecurity-magazine.com/js-0012/ 928 B
964 B 24ms
24ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/tracking.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

a8e3bada6b39afa29036f3ea677e8c3a4921c35e290db7526d8d68c209d73ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 13:37:37 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 476
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK ism.js Show response
res.infosecurity-magazine.com/js-0012/ 5 KB
3 KB 29ms
29ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

25a34a20539eb7aaf9a735a587b77ae37c251aa78fc015b0134c84c7255601dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 11:14:48 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 2107
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 349 KB
113 KB 8ms
8ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-232-15.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 10 Oct 2019 17:01:35 GMT
server: nginx/1.15.8
etag: "5d9f63ef-573ea"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Mon, 21 Oct 2019 09:42:46 GMT
x-host: s7.addthis.com
content-length: 114882

GET
H/1.1 200
OK ism.whatshot.js Show response
res.infosecurity-magazine.com/js-0012/ism/ 810 B
846 B 24ms
24ms Script
text/javascript 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism/ism.whatshot.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:18 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: accept-encoding
Content-Type: text/javascript; charset=utf-8
Expires: Fri, 22 Nov 2019 10:42:46 GMT
Cache-Control: public, max-age=2764800
Content-Length: 358
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 rax8HiqOu8IVPmn7f4xpLjpSmw.woff2
fonts.gstatic.com/s/bitter/v15/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v15/rax8HiqOu8IVPmn7f4xpLjpSmw.woff2

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/js-0012/modernizr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

74fa9e751557c61b6e1a233172fa3b655ac22078bea6173f16a67076702331eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800
Origin: https://www.infosecurity-magazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 14 Oct 2019 20:39:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:59 GMT
server: sffe
age: 565370
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9500
x-xss-protection: 0
expires: Tue, 13 Oct 2020 20:39:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 61 KB
21 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

645b0be3eb940a2f856043f486adb8d16d2d22d8a3be2df70f97b4d1b765f2a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: br
last-modified: Mon, 21 Oct 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 21511
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 46 KB
15 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f89fcb038aae8bf3e1723e73c705348add5a889d87ac1cc6be57377ccde8b96f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "313 / 956 of 1000 / last-modified: 1571414597"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14723
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

11 KB
4 KB

31ms
30ms

Script
text/javascript

2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

gws /

Resource Hash

38443ac97023c2ad35521beb76ad527d0d917b2fe2f25b07d50466b5937837f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 3483
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

Redirect headers

date: Mon, 21 Oct 2019 09:42:46 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
cache-control: private
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 267
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 6517
date: Mon, 21 Oct 2019 07:54:09 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Mon, 21 Oct 2019 09:54:09 GMT

GET
H/1.1 200
OK rounded-rectangle.png
res.infosecurity-magazine.com/img/ 185 B
580 B 23ms
22ms Image
text/plain 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/rounded-rectangle.png

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:16 GMT
Server: Reed Exhibitions
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=2764800
X-UA-Compatible: IE=Edge
Content-Length: 185
X-XSS-Protection: 1; mode=block
Expires: Fri, 22 Nov 2019 10:42:46 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Lato
Origin: https://www.infosecurity-magazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 11:38:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 943485
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14044
x-xss-protection: 0
expires: Fri, 09 Oct 2020 11:38:01 GMT

GET
H/1.1 200
OK bg-header-circuit.png
res.infosecurity-magazine.com/img/ 51 KB
52 KB 87ms
87ms Image
text/plain 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/bg-header-circuit.png

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:13 GMT
Server: Reed Exhibitions
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Cache-Control: public, max-age=2764800
X-UA-Compatible: IE=Edge
Content-Length: 52513
X-XSS-Protection: 1; mode=block
Expires: Fri, 22 Nov 2019 10:42:46 GMT

GET
H/1.1 200
OK sprite.svg
res.infosecurity-magazine.com/img/ 389 KB
389 KB 24ms
24ms Image
image/svg+xml 212.70.65.106
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/sprite.svg

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.106 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

res.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Last-Modified: Thu, 22 Aug 2019 09:50:13 GMT
Server: Reed Exhibitions
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Cache-Control: public, max-age=2764800
X-UA-Compatible: IE=Edge
Content-Length: 398205
X-XSS-Protection: 1; mode=block
Expires: Fri, 22 Nov 2019 10:42:46 GMT

GET
H/1.1 200
OK fe1645f9-c4d4-4850-a811-3345877819ff.jpg
assets.infosecurity-magazine.com/webpage/feat/ 86 KB
87 KB 113ms
113ms Image
image/jpeg 212.70.65.107
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/webpage/feat/fe1645f9-c4d4-4850-a811-3345877819ff.jpg

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.107 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

assets.infosecurity.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

a6af75c730df9d0a310aa297d064098504ca79c447fbceda4da550b730cc347d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Length: 87946
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Tue, 01 Oct 2019 17:58:27 GMT
Server: Reed Exhibitions
X-Frame-Options: SAMEORIGIN
Date: Mon, 21 Oct 2019 09:42:46 GMT
Vary: Accept-encoding
Content-Type: image/jpeg
Cache-Control: public, max-age=2764800
ETag: "VaWGjTTqOnqQtFjOTKxZTEGysijKPI52jwuVW/AygOY="
Link: <http://assets.infosecurity-magazine.com/webpage/original/fe1645f9-c4d4-4850-a811-3345877819ff.jpg>; rel="canonical"
Expires: Fri, 22 Nov 2019 10:42:47 GMT

GET
H2 200 rax-HiqOu8IVPmn7erxrJD1wmULY.woff2
fonts.gstatic.com/s/bitter/v15/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v15/rax-HiqOu8IVPmn7erxrJD1wmULY.woff2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

4a1f029082b1959caaaff51ddd41229930ae873693a730e6e282bb008be6fed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800
Origin: https://www.infosecurity-magazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 23:57:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:26:24 GMT
server: sffe
age: 899133
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9244
x-xss-protection: 0
expires: Fri, 09 Oct 2020 23:57:13 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 5ms
5ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN8rsOUuhpKKSTjw.woff2

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800
Origin: https://www.infosecurity-magazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 10 Oct 2019 12:16:43 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:53 GMT
server: sffe
age: 941163
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9192
x-xss-protection: 0
expires: Fri, 09 Oct 2020 12:16:43 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ 156 KB
57 KB 38ms
38ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

f8800772f0dd827877029d9d634a170a156ff82b6b6bdf251b62c750b73cfe93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 58589
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:46 GMT

GET
H2 200 boomerang.min.js Show response
cdn.feathr.co/js/ 113 KB
34 KB 20ms
20ms Script
application/javascript 2606:4700:20::6819:f763
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.feathr.co/js/boomerang.min.js
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:f763 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 420716b9b6173c7187b6af8211c6f44ab80da47728d2d4b234ccb061c4b3a6a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: br
cf-cache-status: HIT
age: 1233
status: 200
x-amz-request-id: EA6C3B20E63E978D
x-amz-id-2: ftkshWAvvBlUzUoMvnwvATwQ/koP9/O2PefzZpWyGwENRWbl//XtKtyOqPH6wLVU6EKw0KPdSyY=
last-modified: Wed, 31 Jul 2019 20:04:48 GMT
server: cloudflare
etag: W/"b8655d0ded4aca80589aff477a37e060"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 5292488f49cf597c-VIE
expires: Mon, 21 Oct 2019 13:42:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 22458
x-xss-protection: 0
pragma: public
x-fb-debug: Ms0Peb5G7+LtfcuGJhZMO5XOJx8YMsW67yO6B0ZbGp5EMHegHrL/XgJZIBboQNNfSSddkdETUP+06kwA7Sxn6w==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 09:42:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/webpage-view/ 0
433 B 50ms
50ms XHR
text/plain 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/webpage-view/?webpageId=123970

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Reed Exhibitions
X-AspNet-Version: 4.0.30319
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Cache-Control: private
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 collect
www.google-analytics.com/ 35 B
99 B 6ms
5ms Image
image/gif 2a00:1450:4001:814::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1992062007&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&ul=en-us&de=UTF-8&dt=Publishers%20Targeted%20by%20GhostCat%20Malware%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=KGBAgAAD~&jid=424209919&gjid=251694603&cid=1552279570.1571650967&tid=UA-7632735-1&_gid=907343291.1571650967&z=339141460

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Oct 2019 18:13:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 833385
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&gjid=251694603&_gid=907343291.1571650967&_u=KGBAgAAD~&z=1191101857
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857&slf_rd=1&random=1507443511

42 B
109 B

29ms
28ms

Image
image/gif

2a00:1450:4001:819::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857&slf_rd=1&random=1507443511

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-7632735-1&cid=1552279570.1571650967&jid=424209919&_v=j79&z=1191101857&slf_rd=1&random=1507443511
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1911022205845623 Show response
connect.facebook.net/signals/config/ 280 KB
65 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1911022205845623?v=2.9.5&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

e5ca6a9e0c302fbeef1615ea004d743f05965fb9850e8984f428215e598ef368

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-23=":443"; ma=3600
content-length: 66235
x-xss-protection: 0
pragma: public
x-fb-debug: 3e0PGr7X0Y8pgJhvsJA1l88JKmIklStq7F2yDarUA1RJCqikOoK5wec7nizTQCbsUtNRgS4oozPaLhwnJb/48w==
x-fb-trip-id: 1850256238
x-frame-options: DENY
date: Mon, 21 Oct 2019 09:42:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 360 B
729 B 24ms
24ms XHR
application/json 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=disqus&id=123970

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Reed Exhibitions
X-AspNet-Version: 4.0.30319
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 360
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 248 B
617 B 24ms
24ms XHR
application/json 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=acctbtns&time=1571650966961

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Reed Exhibitions
X-AspNet-Version: 4.0.30319
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Cache-Control: private
Content-Length: 248
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/nav/mobile/ 5 KB
5 KB 520ms
520ms XHR
text/html 212.70.65.105
INTUITIV-AS Intui...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/nav/mobile/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_CBC

Server

212.70.65.105 , United Kingdom, ASN16174 (INTUITIV-AS Intuitiv Autonomous System, GB),

Reverse DNS

www.infosec.intuitiv.net

Software

Reed Exhibitions /

Resource Hash

6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Reed Exhibitions
X-AspNet-Version: 4.0.30319
Date: Mon, 21 Oct 2019 09:42:46 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 4899
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 rax_HiqOu8IVPmnzxKl8AxhfsUjQ8Q.woff2
fonts.gstatic.com/s/bitter/v15/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:825::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v15/rax_HiqOu8IVPmnzxKl8AxhfsUjQ8Q.woff2

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

546eaddd71fc4ceecdc9d3121538d149a1abdd454c14700c47216d04b29867ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800
Origin: https://www.infosecurity-magazine.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 15 Oct 2019 01:06:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:27:07 GMT
server: sffe
age: 549386
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9348
x-xss-protection: 0
expires: Wed, 14 Oct 2020 01:06:20 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4d79fed038d59786/ 483 B
506 B 11ms
8ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4d79fed038d59786/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-232-15.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.8.v20180619) /
Resource Hash: 7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:46 GMT
content-encoding: gzip
surrogate-key: ra-4d79fed038d59786
server: Jetty(9.4.8.v20180619)
cache-tag: ra-4d79fed038d59786
etag: -1567020332--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
status: 200
cache-control: public, max-age=53, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 260

GET
H2 200 integrations Show response
polo.feathr.co/v1/accounts/55877ad50a6540a7a33b5737/ 54 B
386 B 93ms
93ms XHR
application/json 3.222.178.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/55877ad50a6540a7a33b5737/integrations

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.222.178.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-222-178-2.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 54

GET
H2 200 refresh
marco.feathr.co/v1/ 43 B
566 B 107ms
107ms Image
image/gif 13.224.196.58
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marco.feathr.co/v1/refresh
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.224.196.58 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-13-224-196-58.fra2.r.cloudfront.net
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 2fb0f7ac-4fd5-4d43-a10c-865e32641454
status: 200
access-control-allow-methods: *
content-type: image/gif
access-control-allow-origin: *
x-amzn-trace-id: Root=1-5dad7d97-7b9632e61b06838a191f4c32;Sampled=0
x-cache: Miss from cloudfront
x-amz-apigw-id: B6CPnEYsoAMFz3Q=
content-length: 43
x-amz-cf-id: p11fqu3YP0YUM4_cVeMp384JiewWWT44So-cgaIIz3V2dmYNcCZllg==
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key

GET
H2 200 /
www.facebook.com/tr/ 44 B
247 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1911022205845623&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&rl=&if=false&ts=1571650967015&sw=1600&sh=1200&v=2.9.5&r=stable&ec=0&o=30&fbp=fb.1.1571650967014.1020041756&it=1571650966928&coo=false&rqm=GET

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-23=":443"; ma=3600
content-length: 44
expires: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 cse_element__en.js Show response
www.google.com/cse/static/element/b5752d27691147d6/ 256 KB
85 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b5752d27691147d6/cse_element__en.js?usqp=CAI%3D

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f50798458e958d44022e68ed50eaf58ee47256a163f3022681fe1c899139d612

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:38:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Sep 2019 16:22:21 GMT
server: sffe
age: 425074
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 86564
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:38:13 GMT

GET
H2 200 default+en.css
www.google.com/cse/static/element/b5752d27691147d6/ 40 KB
9 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/b5752d27691147d6/default+en.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 16 Oct 2019 11:38:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 20 Sep 2019 16:22:21 GMT
server: sffe
age: 425073
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 9042
x-xss-protection: 0
expires: Thu, 15 Oct 2020 11:38:14 GMT

GET
H2 200 default.css
www.google.com/cse/static/style/look/v3/ 12 KB
3 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v3/default.css

Requested by

Host: cse.google.com
URL: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8c5519ff6e93dfefc21c8b9c586ceef2060b2161e6be946d5b704341456ef053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 08:59:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 May 2019 14:00:00 GMT
server: sffe
age: 2595
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2805
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:49:32 GMT

GET
H/1.1 200
OK embed.js Show response
infosecuritymagazine.disqus.com/ 64 KB
21 KB 6ms
5ms Script
application/javascript 151.101.12.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecuritymagazine.disqus.com/embed.js

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

openresty /

Resource Hash

7276dae29b8cd3278b9e5c7b003cfcee1c6eb4190269da94a4e944d3a289939a

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 09:42:47 GMT
Content-Encoding: gzip
Server: openresty
Age: 11
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 21541

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
7 KB 69ms
69ms XHR
text/plain 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4061148360895027&correlator=2996577819312412&output=ldjh&impl=fifs&adsid=NT&eid=21062819%2C21064365%2C21064550%2C21064679&vrg=2019101401&guci=1.2.0.0.2.2.0.0&plat=1%3A536903688%2C2%3A536903688%2C8%3A134250504&sc=1&sfv=1-0-35&ecs=20191021&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cpublishers-targeted-by-ghostcat&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%2C728x90%2C728x90&cust_params=topics%3DInternet%2520Security%252CMalware&cookie_enabled=1&bc=31&abxe=1&lmt=1571650967&dt=1571650967065&dlt=1571650966668&idt=381&frm=20&biw=1585&bih=1200&oid=3&adxs=-12245933%2C-12245933%2C-12245933&adys=-12245933%2C-12245933%2C-12245933&adks=2647842924%2C238745079%2C3120872376&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&dssz=36&icsg=8633974784&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=356x944%7C1100x0%7C728x51&msz=356x306%7C728x90%7C728x90&ga_vid=1552279570.1571650967&ga_sid=1571650967&ga_hid=1992062007&fws=128%2C128%2C128&ohw=0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

06170e4b12813bef1f877b865359c1db897b853470aecfb0a7ef302985843a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7342
x-xss-protection: 0
google-lineitem-id: 61713172,29373892,29373892
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138289460937,138289559972,138289855129
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.infosecurity-magazine.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2019101401.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
24 KB 40ms
40ms Script
text/javascript 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

f123fae1ceff20dea7ee2ff8895276a22cddecc8e0ef503b5e95419e76909a54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Oct 2019 13:08:16 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 24836
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-35/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-35/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 200 layers.ab5cd98fe1b9a38a4a9f.js Show response
s7.addthis.com/static/ 263 KB
76 KB 8ms
8ms Script
application/javascript 2.18.232.15
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.ab5cd98fe1b9a38a4a9f.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.232.15 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),

Reverse DNS

a2-18-232-15.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Wed, 18 Sep 2019 14:16:17 GMT
server: nginx/1.15.8
etag: W/"5d823c31-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 21 Oct 2019 09:42:47 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77528

GET
H2 200 async-ads.js Show response
cse.google.com/adsense/search/ 165 KB
57 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:81e::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/b5752d27691147d6/cse_element__en.js?usqp=CAI%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92bb28f8e0c7e7e5d499d5764f03ec02b7efc5719eb29ea754da785eacc26e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "10003670776107828456"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 googlelogo_grey_46x15dp.png
www.google.com/cse/static/images/1x/ 919 B
983 B 6ms
5ms Image
image/png 2a00:1450:4001:800::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_grey_46x15dp.png

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 09 Oct 2019 19:17:44 GMT
x-content-type-options: nosniff
last-modified: Tue, 13 Dec 2016 15:00:00 GMT
server: sffe
age: 1002303
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 919
x-xss-protection: 0
expires: Thu, 08 Oct 2020 19:17:44 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
40 B 6ms
6ms Image
text/plain 2a00:1450:4001:81b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
date: Mon, 21 Oct 2019 09:42:47 GMT
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0

GET
H2 200 lounge.953a2bd009935f47a8e815c3ee2bfc5a.css
c.disquscdn.com/next/embed/styles/ 0
21 KB 24ms
24ms Other
text/css 2606:4700::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.953a2bd009935f47a8e815c3ee2bfc5a.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1672197
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 21493
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Wed, 02 Oct 2019 01:07:45 GMT
server: cloudflare
etag: "5d93f861-53f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 52924890db415976-VIE
expires: Thu, 01 Oct 2020 01:12:47 GMT

GET
H2 200 common.bundle.bdf2715fe3d262793670748c6697b1f3.js
c.disquscdn.com/next/embed/ 0
89 KB 20ms
20ms Other
application/javascript 2606:4700::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.bdf2715fe3d262793670748c6697b1f3.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 467092
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 90421
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 15 Oct 2019 23:50:48 GMT
server: cloudflare
etag: "5da65b58-16135"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 52924890db425976-VIE
expires: Wed, 14 Oct 2020 23:57:48 GMT

GET
H2 200 lounge.bundle.df4113f81691d4ed6cccc5b74c6c17e8.js
c.disquscdn.com/next/embed/ 0
107 KB 23ms
22ms Other
application/javascript 2606:4700::6810:4da6
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.df4113f81691d4ed6cccc5b74c6c17e8.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:4da6 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 467092
status: 200
strict-transport-security: max-age=300; includeSubdomains
content-length: 109276
x-xss-protection: 1; mode=block
timing-allow-origin: *
last-modified: Tue, 15 Oct 2019 23:50:48 GMT
server: cloudflare
etag: "5da65b58-1aadc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000, public, immutable, no-transform
accept-ranges: bytes
cf-ray: 52924890db435976-VIE
expires: Wed, 14 Oct 2020 23:57:48 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
3 KB 6ms
5ms Other
application/javascript 151.101.0.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Mon, 21 Oct 2019 09:42:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 14
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Vary: Accept-Encoding
Content-Length: 2226
X-XSS-Protection: 1; mode=block
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Timing-Allow-Origin: *

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8055b71507df36a9a9d807b0799d9c26533101139e1078ea222897c02ad854c5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "c4c4a08298eb0376"
age: 223444
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 7118
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:43 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:43 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ Frame 4C85 251 KB
68 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "6fedf66162310d96"
age: 223429
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 69642
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:58 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame 4C85 150 KB
40 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8beba9134cdf5c44"
age: 223444
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40847
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:43 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:43 GMT

GET
DATA 200
OK truncated
/ Frame 4C85 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b4bca864d1486272c70e7e04f07b6c64f6d49daf5d81501c8ce16c2fc65685f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ Frame 1A15 251 KB
68 KB 13ms
7ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "6fedf66162310d96"
age: 223429
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 69642
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:58 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame 1A15 150 KB
40 KB 11ms
5ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8beba9134cdf5c44"
age: 223444
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40847
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:43 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:43 GMT

GET
DATA 200
OK truncated
/ Frame 1A15 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f37ccabab771e2ee20f81b1172d531981488155e8ad5316a233423c42dba9ce

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/011910071804120/ Frame F610 251 KB
68 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "6fedf66162310d96"
age: 223429
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 69642
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:58 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:58 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/011910071804120/v0/ Frame F610 150 KB
40 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:821::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019101401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding: br
etag: "8beba9134cdf5c44"
age: 223444
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 40847
x-xss-protection: 0
server: sffe
date: Fri, 18 Oct 2019 19:38:43 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-content-type-options: nosniff
expires: Sat, 17 Oct 2020 19:38:43 GMT

GET
DATA 200
OK truncated
/ Frame F610 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79e6516f9dbfeb0f720c0f338a571ef5a2177e76be90791db5def8ccef371a09

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 14942669253397634981
tpc.googlesyndication.com/simgad/ Frame 4C85 87 KB
87 KB 17ms
15ms Image
image/png 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14942669253397634981

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5da2bce73fee2e29beff777b6be8e8acae0490bd441c4f24bafd0964f9c15a34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 08:42:29 GMT
x-content-type-options: nosniff
age: 3618
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 89269
x-xss-protection: 0
last-modified: Wed, 02 Oct 2019 14:53:58 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Oct 2020 08:42:29 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4C85 0
255 B 29ms
27ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstxDGfHU5IR5e_Sm4o5fy6QDhlip96HruxZRDIWErrjcCcgMEgFq8f0ZESr4tZohx0vOH3OfRDCGUir-7TAwpS_tL6XsBqPJc_prdguJmhQ0Nv-v4mXqf2ZY-Wawb-wVNVEinBnNSEWu1hX5ctg5SbTyr3mCLL_HoxRPY1QMCDt5TbNzGri8ZOAGz_knAm3Bvwcuwq3WUOJa460KEUnkwUaIEzAx9ZnEQZOd216qwnN5NHT2-8I0pfVkhMm4gBLT3TzYhyJYxtTXAv-sJUkrHfk-TAWQKJqBKEjJVbZUn5FQyUwDZIqACLaWxQkTLXUVnNjvfRQqF_FmWDmqQfiHg0&sai=AMfl-YQCdpaFCS_kTWNe7RJC88FUjD6BmJz-oTQJwAYSrQSX2fyLA7q3d0JAtNG_Cu7msb186eLpChy4SOG2V8wpdEKWhNwIDkVisRMiTryA&sig=Cg0ArKJSzA8aEjK1yOixEAE&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Oct 2019 09:42:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 6088175238531281311
tpc.googlesyndication.com/simgad/ Frame 1A15 71 KB
71 KB 13ms
11ms Image
image/png 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6088175238531281311

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a59dac4acefed14b4b77fa40c00b601b02668b0ea084b73b8d2d9bac6daab013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 10:08:42 GMT
x-content-type-options: nosniff
age: 84845
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 72901
x-xss-protection: 0
last-modified: Wed, 02 Oct 2019 14:48:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Oct 2020 10:08:42 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 1A15 0
57 B 29ms
27ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuMGwegpj-_FAOFDVElAoal-1XZ19sfBRuKhqXIF-8XWCOtPLTKKV9lrcPGnv5o0Qkljg0Q6rCWalBU8lwTJzH2ibuhTuPfya3RMmnAST9_fitE5J6TO89r1R2qD8-gFZc8GwUHn3wPK7UkWK3CAn7hEZUS8AtC7R-hsTKyHN3x0QzPYjdqanuJ65y0ZtI1ox2FuyQ1dYNeUui4AqobkXrZKsA9dKir-99Gx6CsRLqRYxs6ZTyTbvjr9Fv0eV-xC1fhXV-NnGj_0e3qHmMDrWXBX9g89KcI7AGamyPymsPRYKaDXn5Gj6UsWd-jd02bhf-c-mAXSHbye2A_IoWqzcc&sai=AMfl-YS6BOG4cFAMRWJTgcqH-6KKy-68rtgxdazw3gakkRllUqcfhfW4q7CCEvyeyCdUiEZPLcn2vlhc8Kjzr-5h8_aAvIC66hq5A8unFpXP&sig=Cg0ArKJSzJ0crbdvw17uEAE&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Oct 2019 09:42:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 216127319706980159
tpc.googlesyndication.com/simgad/ Frame F610 36 KB
37 KB 8ms
7ms Image
image/png 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/216127319706980159

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1437022653a2f2ac44a111dc335047efe1cf6cf2702bdd59df9b5c1b7ef7c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 05:11:38 GMT
x-content-type-options: nosniff
age: 102669
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37299
x-xss-protection: 0
last-modified: Wed, 02 Oct 2019 14:49:21 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Oct 2020 05:11:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F610 0
256 B 29ms
28ms Image
image/gif 172.217.23.98
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssopfOR11MMdPB_9meJE2XccVznXFpoO4gVGCNGS_l16auFCh90W8Z_Gv79UAcDCvB851RxFFB65yzYUASaIkbsQZ-RoDFQX3qGXNK7jKCVOnXjfLx0HDl3IgHNoWw61VwAjRF3TqP_ySmDfWhhoGuANKjUsGG62kkW8HU4oJ56GQJzyqJZ6AJpqSWbrNyL22OsbzWREfYOnYAGldbI2jyC7BAHUGPj4fcCzLKpqlBtaXAitoSgbp-z4xZqM5hBc6JgUEBDOHXiqsy8tZvWNEOasyCcQpnvgHXDZZsdAymfZvxoAhH7od7b_Cms-uClxgXacRUcYZlaLf0ZG1qsw1s&sai=AMfl-YQJRWCjUl14ATz13ArAgHPQ8SOwfRI2IadQ3hhFpRFrhx3dudKp70SWcYdm9U-33Xt6vjkmg0-XWgKJF6QPDQK4HMclckYnXJeMZGko&sig=Cg0ArKJSzHzJf818tXy4EAE&adurl=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Oct 2019 09:42:47 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 script.js Show response
polo.feathr.co/v1/analytics/match/ 290 B
675 B 96ms
95ms Script
text/javascript 3.222.178.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/analytics/match/script.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.222.178.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-222-178-2.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

fbbf1b35c63ab33b00cf65384ffacef19f20ebb20ac56e24114fe9bc467a8a66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
server: nginx/1.15.10
status: 200
etag: "5dad7d96b80f9f000147290b"
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: no-cache, max-age=0
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 290

GET
H2 200 pixel.js Show response
polo.feathr.co/v1/accounts/55877ad50a6540a7a33b5737/ 32 B
398 B 95ms
94ms Script
text/javascript 3.222.178.2
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://polo.feathr.co/v1/accounts/55877ad50a6540a7a33b5737/pixel.js?pk=feathr

Requested by

Host: cdn.feathr.co
URL: https://cdn.feathr.co/js/boomerang.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.222.178.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-222-178-2.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: must-revalidate, max-age=14400
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 32

GET
H/1.1 200
OK /
disqus.com/embed/comments/ Frame BEC5 0
0 166ms
165ms Document
text/html 151.101.0.134
Fastly

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&t_e&t_d=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Publishers%20Targeted%20by%20GhostCat%20Malware%20&t_t=%0A%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20Publishers%20Targeted%20by%20GhostCat%20Malware%20&s_o=default

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY - Fastly, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Response headers

Server: nginx
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ 'unsafe-inline' https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ https://apis.google.com https://www.google.com/recaptcha/ https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html; charset=utf-8
Last-Modified: Tue, 01 Oct 2019 17:59:18 GMT
ETag: W/"lounge:view:7658193159.e3e5ec898a0fe391e33d3038a98df8f4.2"
Content-Encoding: gzip
Content-Length: 2635
Date: Mon, 21 Oct 2019 09:42:47 GMT
Age: 0
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 6088175238531281311
tpc.googlesyndication.com/simgad/ Frame 1A15 71 KB
71 KB 6ms
6ms Image
image/png 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6088175238531281311

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a59dac4acefed14b4b77fa40c00b601b02668b0ea084b73b8d2d9bac6daab013

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 20 Oct 2019 10:08:42 GMT
x-content-type-options: nosniff
age: 84845
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 72901
x-xss-protection: 0
last-modified: Wed, 02 Oct 2019 14:48:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Oct 2020 10:08:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4C85 0
56 B 285ms
284ms Other
image/gif 2404:6800:4005:811::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1571650967420&qqid=CP7B64yIreUCFc8r4Aodl0wBAQ&rt=a4a.link.5.e.8.6.0.0.1htg.1hqi~aa.script.6.c.5.7.0.0.vkx.vin~simg.img.i.k.4.f.0.0.1x06.1wvp~vu.img.i.u.1.s.0.0.73.0&met.a4a=dcl.1~ol.207~nvs.1571650967193~ini.1571650967450
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

match
polo-v1.feathr.co/v1/analytics/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5dad7d96b80f9f000147290b&gdpr=0
https://match.adsrvr.org/track/cmb/generic?ttd_pid=6fgi4r1&ttd_tpi=1&ttd_puid=5dad7d96b80f9f000147290b&gdpr=0
https://polo-v1.feathr.co/v1/analytics/match?f_id=5dad7d96b80f9f000147290b&ttd_id=ce6a0018-b6db-4b47-82c3-cf7972711f02

43 B
403 B

93ms
93ms

Image
image/gif

34.231.125.84
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo-v1.feathr.co/v1/analytics/match?f_id=5dad7d96b80f9f000147290b&ttd_id=ce6a0018-b6db-4b47-82c3-cf7972711f02

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.231.125.84 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-231-125-84.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

Redirect headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://polo-v1.feathr.co/v1/analytics/match?f_id=5dad7d96b80f9f000147290b&ttd_id=ce6a0018-b6db-4b47-82c3-cf7972711f02
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 crumb
polo.feathr.co/v1/analytics/ 43 B
403 B 186ms
186ms Image
image/gif 3.222.178.2
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://polo.feathr.co/v1/analytics/crumb?cb=1571650967472&a_id=55877ad50a6540a7a33b5737&f_id=5dad7d96b80f9f000147290b&ses_id=5dad7d97532417785bd87f84&flvr=page_view&loc_url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fpublishers-targeted-by-ghostcat&s_w=1600&s_h=1200&b_w=1600&b_h=1200&cust_params=e30=

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

3.222.178.2 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-3-222-178-2.compute-1.amazonaws.com

Software

nginx/1.15.10 /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Mon, 21 Oct 2019 09:42:47 GMT
server: nginx/1.15.10
status: 200
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-methods: GET, POST, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0,no-cache,no-store
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 43

POST
H2 204 csi
csi.gstatic.com/ Frame F610 0
56 B 284ms
283ms Other
image/gif 2404:6800:4005:811::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1571650967470&qqid=CIDC64yIreUCFc8r4Aodl0wBAQ&rt=a4a.link.2.n.6.f.0.0.1hta.1hqi~aa.script.3.l.9.a.0.0.vkx.vin~simg.img.4.9.0.7.0.0.sug.ss3~vu.img.4.u.1.s.0.0.74.0&met.a4a=dcl.0~ol.249~nvs.1571650967207~ini.1571650967470
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 1A15 0
56 B 284ms
284ms Other
image/gif 2404:6800:4005:811::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1571650967476&qqid=CP_B64yIreUCFc8r4Aodl0wBAQ&rt=a4a.link.3.r.d.9.0.0.1hta.1hqi~aa.script.3.i.7.7.0.0.vkx.vin~simg.img.9.j.6.c.0.0.1kda.1k91~vu.img.9.u.1.s.0.0.1l.0~simg.img.5e.7.1.6.0.0.1kbq.1k91&met.a4a=dcl.0~ol.193~nvs.1571650967202~ini.1571650967477
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011910071804120/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4005:811::2003 , Australia, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
status: 204
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ Frame AD5F 0
0 6ms
6ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 3463
pragma: no-cache
cache-control: no-cache
origin: https://www.infosecurity-magazine.com
upgrade-insecure-requests: 1
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
accept-encoding: gzip, deflate, br
cookie: fr=059YCGctNKbYaj0Fp..BdrX2X...1.0.BdrX2X.;
Origin: https://www.infosecurity-magazine.com
Upgrade-Insecure-Requests: 1
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.infosecurity-magazine.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
alt-svc: h3-23=":443"; ma=3600
date: Mon, 21 Oct 2019 09:42:47 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 4C85 42 B
110 B 38ms
38ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsufbVrTkeO3K0oRLfp9Xiv1SIwy4JmODb9gRR21R2sJmStHOGr7Z__VFSU-gxpxn5hCRmN8uDTU8XC9BXiIlyNHZI_8lX3nWUQajpNgeb0&sig=Cg0ArKJSzHvQAiTidi8EEAE&id=ampim&o=1015,831&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=183&tls=1183&g=100&h=100&pt=207&tt=1183&rpt=207&rst=1571650967193&r=v&adk=2647842924&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1A15 42 B
110 B 38ms
38ms Image
image/gif 2a00:1450:4001:821::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNJDI7k89gkhWid0j4yzWdte8TKfDPRyy2uikz4qnGe7hD7TODf3IIPA81i6iq86VVCF25l5kM3KoO-ZYP9Xzc3o_E3nUZm4SpHbKzs3o&sig=Cg0ArKJSzDO16neZcXjxEAE&id=ampim&o=243,68&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=110&tls=1110&g=100&h=100&pt=193&tt=1110&rpt=193&rst=1571650967202&r=v&adk=238745079&avms=ampa

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Oct 2019 09:42:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.infosecurity-magazine.com/	1970-01-19 04:34:12	Name: __atuvs Value: 5dad7d9668f7a2ee000
.infosecurity-magazine.com/	1970-01-19 06:43:46	Name: _fbp Value: fb.1.1571650967014.1020041756
.www.infosecurity-magazine.com/	1970-01-19 04:34:14	Name: feathr_session_id Value: 5dad7d97532417785bd87f84
www.infosecurity-magazine.com/	1970-01-19 14:05:55	Name: __atuvc Value: 1%7C43
.infosecurity-magazine.com/	1970-01-19 22:05:22	Name: __gads Value: ID=37fc32edfc0306b4:T=1571650967:S=ALNI_Mbl0zQ8uAPpIT1aPtcyeCo4Q2vRRA
www.infosecurity-magazine.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: uky444gbonqr5qb0312b4d2l
.infosecurity-magazine.com/	1970-01-19 04:34:11	Name: _gat Value: 1
.infosecurity-magazine.com/	1970-01-19 22:05:22	Name: _ga Value: GA1.2.1552279570.1571650967
www.infosecurity-magazine.com/	1970-01-19 05:18:52	Name: ISM.Visitor Value: vid=9f9a2ac1-1477-4a46-8906-eb15ce513a53
.infosecurity-magazine.com/	1970-01-19 04:35:37	Name: _gid Value: GA1.2.907343291.1571650967
www.infosecurity-magazine.com/news	1969-12-31 23:59:59	Name: ISM.ScreenSize Value: 1600

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://res.infosecurity-magazine.com/js-0012/tracking.js(Line 1) Message: tracking started
console-api	log	URL: https://res.infosecurity-magazine.com/js-0012/tracking.js(Line 1) Message: track me
console-api	info	URL: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js(Line 529) Message: Powered by AMP ⚡ HTML – Version 1910071804120 https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
console-api	info	URL: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js(Line 529) Message: Powered by AMP ⚡ HTML – Version 1910071804120 https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat
console-api	info	URL: https://cdn.ampproject.org/rtv/011910071804120/amp4ads-v0.js(Line 529) Message: Powered by AMP ⚡ HTML – Version 1910071804120 https://www.infosecurity-magazine.com/news/publishers-targeted-by-ghostcat

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.infosecurity-magazine.com
c.disquscdn.com
cdn.ampproject.org
cdn.feathr.co
clients1.google.com
connect.facebook.net
cse.google.com
csi.gstatic.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
infosecuritymagazine.disqus.com
marco.feathr.co
match.adsrvr.org
pagead2.googlesyndication.com
polo-v1.feathr.co
polo.feathr.co
res.infosecurity-magazine.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.infosecurity-magazine.com
13.224.196.58
151.101.0.134
151.101.12.134
172.217.23.98
2.18.232.15
212.70.65.105
212.70.65.106
212.70.65.107
2404:6800:4005:811::2003
2606:4700:20::6819:f763
2606:4700::6810:4da6
2a00:1450:4001:800::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:814::2001
2a00:1450:4001:814::200e
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2008
2a00:1450:4001:81b::200e
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2002
2a00:1450:4001:821::2001
2a00:1450:4001:821::2002
2a00:1450:4001:821::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.222.178.2
34.231.125.84
63.34.164.219
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06170e4b12813bef1f877b865359c1db897b853470aecfb0a7ef302985843a73
0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c
108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd
24bcb9d7c9d9c12aa4c8c66c474eb8fc4d0733de305740f1fc1e7262864663e1
25a34a20539eb7aaf9a735a587b77ae37c251aa78fc015b0134c84c7255601dc
38443ac97023c2ad35521beb76ad527d0d917b2fe2f25b07d50466b5937837f6
40a20291f9b526cba58796a4bbd0256d5663313e02c9d5ab5a842476562b3108
420716b9b6173c7187b6af8211c6f44ab80da47728d2d4b234ccb061c4b3a6a2
4a1f029082b1959caaaff51ddd41229930ae873693a730e6e282bb008be6fed5
4b4bca864d1486272c70e7e04f07b6c64f6d49daf5d81501c8ce16c2fc65685f
4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee
526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc
544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e
546eaddd71fc4ceecdc9d3121538d149a1abdd454c14700c47216d04b29867ae
5c1437022653a2f2ac44a111dc335047efe1cf6cf2702bdd59df9b5c1b7ef7c3
5da2bce73fee2e29beff777b6be8e8acae0490bd441c4f24bafd0964f9c15a34
63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6
645b0be3eb940a2f856043f486adb8d16d2d22d8a3be2df70f97b4d1b765f2a7
64c7855edeba655dab8128c9328f513e58ae09d7c70ee0dc567bf03a60ff3e71
6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0
68795cb80606f19d4ec0d92744af85048164f53500ad9535229c470fe24fe28a
6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934
7276dae29b8cd3278b9e5c7b003cfcee1c6eb4190269da94a4e944d3a289939a
74fa9e751557c61b6e1a233172fa3b655ac22078bea6173f16a67076702331eb
79e6516f9dbfeb0f720c0f338a571ef5a2177e76be90791db5def8ccef371a09
7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64
7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653
8055b71507df36a9a9d807b0799d9c26533101139e1078ea222897c02ad854c5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c5519ff6e93dfefc21c8b9c586ceef2060b2161e6be946d5b704341456ef053
91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b
92bb28f8e0c7e7e5d499d5764f03ec02b7efc5719eb29ea754da785eacc26e3f
93dd062566471fa91604aee574ff8f6e78e80bd20b01f5e080adb0ac61680f94
9404cee30e4489a7ed4d6de2dd92aa8e4386fd5ff1c81ebcea77f581952eac31
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb
9f37ccabab771e2ee20f81b1172d531981488155e8ad5316a233423c42dba9ce
a59dac4acefed14b4b77fa40c00b601b02668b0ea084b73b8d2d9bac6daab013
a6af75c730df9d0a310aa297d064098504ca79c447fbceda4da550b730cc347d
a844cdc48c7591822e45128a138f1dbba5753a3ca9992bd71c36758d51d0b68e
a8e3bada6b39afa29036f3ea677e8c3a4921c35e290db7526d8d68c209d73ea7
a95ebbca9b2c9a1cbd25f9b5070862c532bf98170e12f9d53b0212e2569622c2
aa95eb8757140f09d3424399b939ed3f10a20c45c6c52476c614c9bc375eb667
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b
c2e880a34c480b86b1a54eb9ac99e03b37d0f16955f546a1d73f49fb9699d635
c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116
d8ccc36d648469ae72535a1ec5e23def10a53deff594eabfe2a6fa5d4ee4ce2e
dadbe96852853088c4e5f54a55e19d0da5390f641bdc9b8c68dc388cb17ac49d
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ca6a9e0c302fbeef1615ea004d743f05965fb9850e8984f428215e598ef368
e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca
eacfa4f711eaca1336ff82619c8a2d310dec11266d594fbc7e5a91259cebf848
ecc0c4a707efeb061b7de57440221feb21ab08022938aaacee779e98fe809235
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f123fae1ceff20dea7ee2ff8895276a22cddecc8e0ef503b5e95419e76909a54
f50798458e958d44022e68ed50eaf58ee47256a163f3022681fe1c899139d612
f8800772f0dd827877029d9d634a170a156ff82b6b6bdf251b62c750b73cfe93
f89fcb038aae8bf3e1723e73c705348add5a889d87ac1cc6be57377ccde8b96f
fbbf1b35c63ab33b00cf65384ffacef19f20ebb20ac56e24114fe9bc467a8a66

www.infosecurity-magazine.com Open in urlscan Pro 212.70.65.105 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

63 %IPv6

19 Domains

33 Subdomains

29 IPs

7 Countries

2171 kBTransfer

4401 kBSize

11 Cookies

16 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.infosecurity-magazine.com Open in urlscan Pro
212.70.65.105 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

63 %
IPv6

19
Domains

33
Subdomains

29
IPs

7
Countries

2171 kB
Transfer

4401 kB
Size

11
Cookies

88 HTTP transactions
3 data transactions