www.infosecurity-magazine.com Open in urlscan Pro
163.171.128.148 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4...
Effective URL:
https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8u...
Submission: On June 19 via api (June 19th 2021, 12:26:23 am UTC) from SG

Summary HTTP 137 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 34 IPs in 4 countries across 22 domains to perform 137 HTTP transactions. The main IP is 163.171.128.148, located in Germany and belongs to QUANTILNETWORKS, US. The main domain is www.infosecurity-magazine.com.
TLS certificate: Issued by Thawte RSA CA 2018 on October 20th 2020. Valid for: a year.

This is the only time www.infosecurity-magazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:6702	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
9	163.171.128.148 163.171.128.148	54994 (QUANTILNE...) (QUANTILNETWORKS)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
16	220.242.170.82 220.242.170.82	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
3	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:801::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c01::9a	15169 (GOOGLE) (GOOGLE)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
29	2600:9000:210... 2600:9000:2104:4000:6:8656:f5c0:93a1	16509 (AMAZON-02) (AMAZON-02)
9	151.101.0.134 151.101.0.134	54113 (FASTLY) (FASTLY)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	151.101.112.134 151.101.112.134	54113 (FASTLY) (FASTLY)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
137	34

2 2606:2c40::c73c:6702 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

go.recordedfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 163.171.128.148 (Germany)

ASN54994 (QUANTILNETWORKS, US)

www.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 220.242.170.82 (China)

ASN54994 (QUANTILNETWORKS, US)

res.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.infosecurity-magazine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c01::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

infosecuritymagazine.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients1.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2600:9000:2104:4000:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.0.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

a.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.134 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

bam.eu01.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	disquscdn.com c.disquscdn.com a.disquscdn.com	744 KB
25	infosecurity-magazine.com www.infosecurity-magazine.com res.infosecurity-magazine.com assets.infosecurity-magazine.com	576 KB
14	googlesyndication.com 5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	142 KB
13	google.com 1 redirects www.google.com cse.google.com adservice.google.com clients1.google.com	174 KB
12	disqus.com infosecuritymagazine.disqus.com disqus.com referrer.disqus.com	103 KB
9	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	126 KB
5	cookielaw.org cdn.cookielaw.org	107 KB
5	googletagservices.com www.googletagservices.com	160 KB
3	facebook.net connect.facebook.net	98 KB
3	gstatic.com fonts.gstatic.com	68 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	35 KB
2	nr-data.net bam.eu01.nr-data.net	486 B
2	facebook.com www.facebook.com	162 B
2	google.de www.google.de adservice.google.de	272 B
2	google-analytics.com www.google-analytics.com	19 KB
2	addthis.com s7.addthis.com	190 KB
2	recordedfuture.com 1 redirects go.recordedfuture.com	4 KB
1	newrelic.com js-agent.newrelic.com	12 KB
1	onetrust.com geolocation.onetrust.com	408 B
1	addthisedge.com v1.addthisedge.com	436 B
1	moatads.com z.moatads.com	1 KB
1	googletagmanager.com www.googletagmanager.com	41 KB
137	22

	Domain	Requested by
29	c.disquscdn.com	infosecuritymagazine.disqus.com disqus.com c.disquscdn.com
14	res.infosecurity-magazine.com	www.infosecurity-magazine.com res.infosecurity-magazine.com
9	disqus.com	infosecuritymagazine.disqus.com c.disquscdn.com
9	www.google.com	1 redirects www.infosecurity-magazine.com www.google.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	www.infosecurity-magazine.com	go.recordedfuture.com www.infosecurity-magazine.com ajax.googleapis.com c.disquscdn.com
8	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net go.recordedfuture.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	cdn.cookielaw.org	www.googletagmanager.com cdn.cookielaw.org
5	www.googletagservices.com	www.infosecurity-magazine.com securepubads.g.doubleclick.net
3	connect.facebook.net	go.recordedfuture.com connect.facebook.net www.infosecurity-magazine.com
3	fonts.gstatic.com	fonts.googleapis.com
2	bam.eu01.nr-data.net	js-agent.newrelic.com
2	www.facebook.com	www.infosecurity-magazine.com connect.facebook.net
2	infosecuritymagazine.disqus.com	www.infosecurity-magazine.com infosecuritymagazine.disqus.com
2	www.google-analytics.com	www.infosecurity-magazine.com
2	cse.google.com	www.infosecurity-magazine.com www.google.com
2	s7.addthis.com	www.infosecurity-magazine.com s7.addthis.com
2	assets.infosecurity-magazine.com	www.infosecurity-magazine.com
2	fonts.googleapis.com	www.infosecurity-magazine.com
2	go.recordedfuture.com	1 redirects
1	js-agent.newrelic.com	www.infosecurity-magazine.com
1	referrer.disqus.com	www.infosecurity-magazine.com
1	a.disquscdn.com	www.infosecurity-magazine.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	clients1.google.com	www.infosecurity-magazine.com
1	5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	www.google.de	www.infosecurity-magazine.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	www.infosecurity-magazine.com
1	ajax.googleapis.com	www.infosecurity-magazine.com
137	35

This site contains links to these domains. Also see Links.

Domain
www.infosecurityeurope.com
www.infosecurityleadersnetwork.com
www.infosecuritynorthamerica.com
www.infosecurity.nl
www.infosecurity.be
www.infosecurityrussia.ru
www.infosecuritymexico.com
www.infosecurityme.com
www.facebook.com
twitter.com
www.linkedin.com
www.avanan.com
www.trendmicro.com
www.lookout.com
www.infosec.co.uk
privacy.reedexpo.com
www.intuitiv.net
www.relx.com

Subject Issuer	Validity	Valid
go.recordedfuture.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.infosecurity-magazine.com Thawte RSA CA 2018	`2020-10-20` - `2021-11-05`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-24` - `2021-08-16`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
a.disquscdn.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-24` - `2021-08-16`	3 months	crt.sh
*.disquscdn.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.eu01.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-04` - `2022-02-08`	2 years	crt.sh

This page contains 10 frames:

Primary Page: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Frame ID: 89A83E35E7F19974E6AEF4B428FC353D
Requests: 80 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI57q-EQYCVI0iPsu6v5RiqeD5Sz5UhLOYbqQ1baP3KnJLJqPLCLGOlkTMGyEcWlChziyZcGciC4ewAKPsTtWKlSy4TuYqCTx4-zrac-HwSmD5SqkW_gp0N0IBP6UNo9nKU2Atsn1kGc711fIpOz9wU8vnSJU1X1ikOui8ubAARQE3H5QWGCXOd4wmcoQp2MlsNjgTdvn4APUBQduB_swZA9iTaeDHvpL1Mxke1wa-hMFJMDICvwHMGJH5lsY-CK9zAoeBopedq070BBwNdUH0t3zxDKJ-LfOBSm23tFVy7dQcTXyU5TS1utfF4Ct9dtMUI1H1_AszToirlMRnkBIj-gDdFYq0NFpTfNqETJNiGNDBx73alw&sai=AMfl-YT9LVrwPuzybRUe4jdgMqkZi5G9V566Bn77XBH5VIa_0RV3w5Zp_kxo4KgSAkEz5MB7V1FW4M_2z_0kdwfCceWbOQn4k_ZPGBkjuXKrpxyyV-OTpfQyeZDSHTNxjyYZ&sig=Cg0ArKJSzHUjRD3gwloMEAE&adurl=
Frame ID: E13699CC4B8CDB4ED0A50BDEBEE00302
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQeOjnKKoqZ1NLHjbMrX1pxOijAICY_BIUh1Dq9HaBTXlOXtdfUoTjWFPOF4R3P09PxKYSoj0jRyfGqNXQxW3uMjkjwwlSf6achny1Ojl56r8MxYvzaW0kN_y6Fd3jCurlDccj4WQc2fuirdfB9mUlu0V3oKQKBgfxG2oIluxaJxhW-Y-XzzVD83GZxmrRvTAX70eQROXUnu3JmHT0eeG_XegjTuyoU2eKrX9UKKZZVy_6lYyFgOawzPcDiaHtSTjftExXAqwRQkRrsPOCnAeKkTukUNptVz6hVhniLzMqJOIyaJkdtuDPxxiK-xhDLMdUMo1eYZfJEZ1xjaPl7T6AV4d__MLbpGn7uK65qbuCjHbB643LRA&sai=AMfl-YRuDjK7vlKxZ68Yy6HqQnXDm1HBMChb4IR9QEHjKZMU8V824Vp5sMgO9-I-Vp6O9Rvhp4bass0SmdDqiYXZani261hILNLozknYoq4EeKyFY4wIdHcOrUs7l7BnMJto&sig=Cg0ArKJSzJu4_2vOl4H8EAE&adurl=
Frame ID: A3FD7A9F2F77C7285344E83EDAD39E76
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW2veQuvOp1q9TP_hO0MAwWq1UEHRyzJk7Xe3fe6WElqMj0JX17LYoOPs8URPfjN7gN3aARg8d8jf95G4PxuOmIC5KOHFl1k7IXrGqBHpE20LXKi345vhwBzkcjUXlTGWTUViVKnKypqkvXD5ng65CV3Uw6bO44sogdr8RhXJFRgfEHG_bAjU7LrzWq2-UVD9YrcUNHQEtBspIQeee5cVbp-xRUAlXs72T-WD-c7w4uANCXBTLHdwrdgjqzE-_lTKNIGoyCQdrDRe1-yHRZnkkQh0lM9vsGUmziOd9lcSIfdC_dkR_3EBE2eLJiaGuOQk3jwLJGc7kJ70R19rZeeNr-4VqazROZ9dYhGuoJoRHHVHr8dvZZQ&sai=AMfl-YR8b6TrI3i_yxd1YIRcaaRzfJNlvj1Z8aPcTQdjmRW6nE0V9_ClibUKbMGls91v9vHVec4QXQggkC6KFJ9OOycT8SVi3FSoyrS8N27N8s1zjmhV6etCnYxgWmn-qRcs&sig=Cg0ArKJSzAm2FbTpxx55EAE&adurl=
Frame ID: 719C0B02A3BE121AE71124E19CD4C0C4
Requests: 7 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
Frame ID: 0091E8161303950B63B21BA5ED5F8DD6
Requests: 18 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine
Frame ID: 470004247ABA1E8061DEB075E4FDC37E
Requests: 16 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 59765F6E6823C89908186A4BB06F9F94
Requests: 1 HTTP requests in this frame

Frame: https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css
Frame ID: 2AA26191E7712037DC2BA8F03A0987D2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 4E2E36C35B91AA45FC8275A101FF5870
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 94C04ECD5985BFA3E876236D4B3AE0BA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr... Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5... HTTP 307
https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p... Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

137
Requests

100 %
HTTPS

68 %
IPv6

22
Domains

35
Subdomains

34
IPs

4
Countries

2602 kB
Transfer

5507 kB
Size

13
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://www.infosecurityeurope.com/
Title: Infosecurity Europe

Search URL Search Domain Scan URL

URL: http://www.infosecurityleadersnetwork.com/en/Leadership-Summit1/
Title: Infosecurity Leadership Summit

Search URL Search Domain Scan URL

URL: http://www.infosecuritynorthamerica.com/
Title: Infosecurity North America

Search URL Search Domain Scan URL

URL: http://www.infosecurity.nl/
Title: Infosecurity Netherlands

Search URL Search Domain Scan URL

URL: http://www.infosecurity.be/
Title: Infosecurity Belgium

Search URL Search Domain Scan URL

URL: http://www.infosecurityrussia.ru/
Title: Infosecurity Russia

Search URL Search Domain Scan URL

URL: http://www.infosecuritymexico.com/
Title: Infosecurity Mexico

Search URL Search Domain Scan URL

URL: http://www.infosecurityme.com/
Title: Infosecurity Middle East

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Infosecurity-Magazine/210560332330063

Search URL Search Domain Scan URL

URL: https://twitter.com/InfosecurityMag

Search URL Search Domain Scan URL

URL: http://www.linkedin.com/groups?gid=2035794&trk=myg_ugrp_ovr

Search URL Search Domain Scan URL

URL: http://twitter.com/philmuncaster
Title: Follow @philmuncaster

Search URL Search Domain Scan URL

URL: https://www.avanan.com/
Title: Avanan

Search URL Search Domain Scan URL

URL: https://www.avanan.com/blog/attackers-take-advantage-of-new-google-doc-exploit
Title: blog post

Search URL Search Domain Scan URL

URL: https://www.trendmicro.com/vinfo/ph/security/research-and-analysis/threat-reports/roundup/a-constant-state-of-flux-trend-micro-2020-annual-cybersecurity-report
Title: over 91% were sent via email.

Search URL Search Domain Scan URL

URL: https://www.lookout.com/
Title: Lookout,

Search URL Search Domain Scan URL

URL: http://www.infosec.co.uk/en/about/infosecurity-group/

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://privacy.reedexpo.com/en-gb/cookie-policy.html
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.intuitiv.net/website-design-and-development-services
Title: Intuitiv Custom Websites

Search URL Search Domain Scan URL

URL: https://www.relx.com/
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1 Page URL
https://go.recordedfuture.com/events/public/v1/track/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1?_ud=12b212c8-a3e9-4a22-b645-350dcab2f8ec&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o HTTP 301
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

137 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8...
go.recordedfuture.com/e2t/tc/ 9 KB
3 KB 82ms
61ms Document
text/html 2606:2c40::c73c:6702
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:6702 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: go.recordedfuture.com
:scheme: https
:path: /e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:02 GMT
content-type: text/html;charset=utf-8
cf-ray: 66189fa23b980625-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac342196100000625e511c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 2f9694d2-8d5e-46fe-9d03-0d19aa12adf7
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=UXDv0jiWcNGMKnFZNmS%2Bb2wfx8sTjR1s3hkmztoxGVKd0CT0jYhSQ9WS3LYFykbmEq02UeNkxuwwX8ROx%2F1PY8wxElKOyult73UizoqrTNGKl62KojHTumhUI817RUTz1dx0vbYc%2BIv9cpL%2Bzgc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=ad759d137c6f3e4d410eb08492956e76ebfc4c78-1624062362; path=/; domain=.go.recordedfuture.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/
Redirect Chain

https://go.recordedfuture.com/events/public/v1/track/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M...
https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJ...

63 KB
18 KB

1938ms
1782ms

Document
text/html

163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email

Requested by

Host: go.recordedfuture.com
URL: https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

abd41f8d13fb73ecbe3fbdbf26eb333083e6077113665734611b4f4d7dedcb6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: www.infosecurity-magazine.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Type: text/html; charset=utf-8
Connection: close
Cache-Control: private
Server: PWS/8.3.1.0.8
Set-Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy; path=/; HttpOnly; SameSite=Lax
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Via: 1.1 PShlamstdAMS1lb17:7 (W), 1.1 PSdgflkfFRA1dm92:10 (W)
X-Px: ms PSdgflkfFRA1dm92FRA,ms PShlamstdAMS1lb17AMS(origin)
X-Ws-Request-Id: 60cd399a_PSdgflkfFRA1dm9_8624-59370
Content-Encoding: gzip

Redirect headers

date: Sat, 19 Jun 2021 00:26:02 GMT
location: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
cf-ray: 66189fa48f110625-FRA
link: <https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0ac3421ad800000625fe37a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 071864a9-3b12-4e82-ab46-b827310c2e1c
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=rCX7L6w%2Fu8Xv6Xk9FztorPxGPAFxOw8vftjXyBLMAoG4DPirEaoVeA%2FvBB7HB%2Fx5xxzisQMzy%2BJTc5b3yTiFb%2Bf9fItybwcledvdxOi%2BLL7g1tJCr70oFvc%2FzgwSTzQRusz3iGEl3WqvM7rYr%2Fw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 9 KB
911 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Requested by

Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

972c9c1da063aec229e5e8b8dfddf89a946b28b4cab8af4002d8cb12ec1399e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Jun 2021 00:26:04 GMT
server: ESF
date: Sat, 19 Jun 2021 00:26:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Jun 2021 00:26:04 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
428 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 18 Jun 2021 23:23:37 GMT
server: ESF
date: Sat, 19 Jun 2021 00:26:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Jun 2021 00:26:04 GMT

GET
H/1.1 200
OK base.css
res.infosecurity-magazine.com/css-0012/ 22 KB
5 KB 168ms
44ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/base.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

678b8e1ba87a6638950278e0882372b8a5a19a999382c3cabb1e9e144b595e31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PSfgblPAR2xf192:2 (W), 1.1 PSdgflkfFRA1yz203:8 (W), 1.1 kf43:2 (W)
X-Content-Type-Options: nosniff
Age: 308734
Transfer-Encoding: chunked
X-Px: ht kf43FRA
Connection: keep-alive
Content-Encoding: gzip
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:12 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60cd399c_kf45_18921-39742
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2764800
Expires: Wed, 17 Feb 2021 10:29:22 GMT

GET
H/1.1 200
OK colour-codes.css
res.infosecurity-magazine.com/css-0012/ 11 KB
2 KB 168ms
44ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/colour-codes.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 308734
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19313-59412
Content-Length: 1354
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:12 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:0 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 10:40:30 GMT

GET
H/1.1 200
OK article.css
res.infosecurity-magazine.com/css-0012/ 12 KB
3 KB 167ms
43ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/article.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 295546
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19168-28359
Content-Length: 2775
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PSdgflkfFRA1zm204:5 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 14:20:18 GMT

GET
H/1.1 200
OK whats-hot.css
res.infosecurity-magazine.com/css-0012/ 3 KB
1 KB 158ms
34ms Stylesheet
text/css 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/css-0012/whats-hot.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 307443
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19565-57420
Content-Length: 834
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/css; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:4 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 11:02:01 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:13:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Jun 2022 00:13:55 GMT

GET
H/1.1 200
OK modernizr.js Show response
res.infosecurity-magazine.com/js-0012/ 2 KB
2 KB 166ms
43ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/modernizr.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 311993
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_18681-47266
Content-Length: 1259
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1dt202:0 (W), 1.1 PS-FRA-01E6z147:2 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 09:46:11 GMT

GET
H/1.1 200
OK infosecurity-group.svg
www.infosecurity-magazine.com/_common/img/ 4 KB
5 KB 132ms
37ms Image
image/svg+xml 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/infosecurity-group.svg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PSygldLON2wq20:8 (W), 1.1 PShlamstdAMS1pu19:9 (W), 1.1 PSdgflkfFRA1dm92:12 (W)
X-Content-Type-Options: nosniff
Age: 285598
X-Px: ht PSdgflkfFRA1dm92FRA
Connection: keep-alive
Content-Length: 4256
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:20 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "bb3ed914cf8dd61:0"
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8624-59513
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Accept-Ranges: bytes

GET
H/1.1 200
OK ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg
assets.infosecurity-magazine.com/profile/thumb/ 2 KB
3 KB 212ms
36ms Image
image/jpeg 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/profile/thumb/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4ca958cef450a74a99f7c5f676dd7b8267ff7d1c168cd28dc45b5b1d530391f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 124222
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19108-54483
Content-Length: 2107
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Wed, 04 Dec 2019 10:39:58 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "2c0BmoNNmocQrkHghluXZY3/CEdYJt6uNlvNCxM4OPw="
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Via: 1.1 PShlamstdAMS1lb17:9 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Link: <http://assets.infosecurity-magazine.com/profile/original/ea721ff9-8ba4-4d88-b386-57e9e1606077.jpg>; rel="canonical"
Expires: Mon, 19 Jul 2021 13:55:42 GMT

GET
H/1.1 200
OK relx-logo-2019.png
www.infosecurity-magazine.com/_common/img/ 10 KB
11 KB 143ms
35ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/relx-logo-2019.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PSygldLON4uq211:2 (W), 1.1 PSdgflkfFRA1zm204:10 (W), 1.1 PSdgflkfFRA1eq94:4 (W)
X-Content-Type-Options: nosniff
Age: 285598
X-Px: ht PSdgflkfFRA1eq94FRA
Connection: keep-alive
Content-Length: 10549
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "e8aa6214cf8dd61:0"
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8465-22015
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H/1.1 200
OK underscore.min.js Show response
res.infosecurity-magazine.com/js-0012/ 15 KB
6 KB 49ms
48ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/underscore.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 301398
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_18921-39743
Content-Length: 5124
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:7 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 12:42:46 GMT

GET
H/1.1 200
OK unveil.js Show response
res.infosecurity-magazine.com/js-0012/ 603 B
994 B 48ms
47ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/unveil.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 311993
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19313-59413
Content-Length: 366
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:4 (W), 1.1 kf148:2 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 09:46:11 GMT

GET
H/1.1 200
OK ticker.min.js Show response
res.infosecurity-magazine.com/js-0012/ 3 KB
2 KB 68ms
41ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ticker.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 301398
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19168-28361
Content-Length: 1108
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1pu19:6 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 12:42:46 GMT

GET
H/1.1 200
OK tracking.js Show response
res.infosecurity-magazine.com/js-0012/ 873 B
1 KB 68ms
41ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/tracking.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

db606689388acdc641b527e6ea307c11af962f7e14c3c6e9e7fc76fe264a3717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 301398
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_18681-47267
Content-Length: 450
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:14 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PShlamstdAMS1qj18:7 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 12:42:46 GMT

GET
H/1.1 200
OK ism.js Show response
res.infosecurity-magazine.com/js-0012/ 4 KB
2 KB 69ms
41ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

74192712778ebae4770b6a5b5f6d6b0f914680673d647b791f4ffa979dc2b95a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 311993
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19565-57421
Content-Length: 1845
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1yz203:7 (W), 1.1 PS-FRA-01E6z147:1 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 09:46:11 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 175ms
40ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sat, 19 Jun 2021 00:26:04 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK ism.whatshot.js Show response
res.infosecurity-magazine.com/js-0012/ism/ 810 B
969 B 69ms
40ms Script
text/javascript 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://res.infosecurity-magazine.com/js-0012/ism/ism.whatshot.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 308733
X-Px: ht kf43FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_19313-59414
Content-Length: 358
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:13 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript; charset=utf-8
Via: 1.1 PSdgflkfFRA1dt202:9 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 10:40:31 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v17/ 30 KB
30 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v17/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:01:32 GMT
x-content-type-options: nosniff
age: 581072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30296
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:59:57 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:01:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
41 KB 39ms
29ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2b843ca7e3f22f9ecafe3db43a703eadd015b575c0d4fe4d78450d7ed00007f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41784
x-xss-protection: 0
last-modified: Sat, 19 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 19 Jun 2021 00:26:04 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 24ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "906 / 968 of 1000 / last-modified: 1624054126"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21494
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:04 GMT

GET
H2

200

cse.js Show response
cse.google.com/cse/
Redirect Chain

https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

10 KB
4 KB

69ms
40ms

Script
text/javascript

2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

36318f8bbab390d8e9446d4facd7a81c3951c8ae69066e6fb2b01874ffd5eb3a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

bfcache-opt-in: unload
date: Sat, 19 Jun 2021 00:26:04 GMT
content-encoding: br
server: gws
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3478
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:04 GMT

Redirect headers

date: Sat, 19 Jun 2021 00:07:30 GMT
x-content-type-options: nosniff
server: sffe
age: 1114
content-type: text/html; charset=UTF-8
location: https://cse.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 267
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:37:30 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5247
date: Fri, 18 Jun 2021 22:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 19 Jun 2021 00:58:37 GMT

GET
H/1.1 200
OK rounded-rectangle.png
res.infosecurity-magazine.com/img/ 185 B
753 B 46ms
38ms Image
text/plain 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/rounded-rectangle.png

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PShlamstdAMS1lb17:8 (W), 1.1 PS-FRA-01E6z147:1 (W), 1.1 kf43:2 (W)
X-Content-Type-Options: nosniff
Age: 308733
X-Px: ht kf43FRA
Connection: keep-alive
Content-Length: 185
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:20 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60cd399c_kf45_18921-39745
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 10:40:31 GMT

GET
H3-29 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ 23 KB
23 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:40:22 GMT
x-content-type-options: nosniff
age: 585942
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:46 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:40:22 GMT

GET
H/1.1 200
OK bg-header-circuit.png
res.infosecurity-magazine.com/img/ 51 KB
52 KB 48ms
42ms Image
text/plain 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/bg-header-circuit.png

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PShlamstdAMS1qj18:5 (W), 1.1 kf160:4 (W), 1.1 kf43:2 (W)
X-Content-Type-Options: nosniff
Age: 310550
X-Px: ht kf43FRA
Connection: keep-alive
Content-Length: 52513
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60cd399c_kf45_18921-39746
Strict-Transport-Security: max-age=31536000
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 10:10:14 GMT

GET
H/1.1 200
OK sprite.svg
res.infosecurity-magazine.com/img/ 389 KB
389 KB 46ms
43ms Image
image/svg+xml 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://res.infosecurity-magazine.com/img/sprite.svg

Requested by

Host: res.infosecurity-magazine.com
URL: https://res.infosecurity-magazine.com/css-0012/base.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://res.infosecurity-magazine.com/css-0012/base.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PSygldLON2sq21:2 (W), 1.1 PSdgflkfFRA1dt202:10 (W), 1.1 kf43:2 (W)
X-Content-Type-Options: nosniff
Age: 308831
X-Px: ht kf43FRA
Connection: keep-alive
Content-Length: 398205
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
X-Ws-Request-Id: 60cd399c_kf45_19313-59415
Strict-Transport-Security: max-age=31536000
Content-Type: image/svg+xml
Cache-Control: public, max-age=2764800
Expires: Sat, 17 Jul 2021 10:38:53 GMT

GET
H/1.1 200
OK 468eb7eb-13eb-44eb-9721-8fbed7948d42.jpg
assets.infosecurity-magazine.com/webpage/feat/ 54 KB
54 KB 150ms
49ms Image
image/jpeg 220.242.170.82
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.infosecurity-magazine.com/webpage/feat/468eb7eb-13eb-44eb-9721-8fbed7948d42.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

220.242.170.82 , China, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

5560db46816cb0fc644087f9027ad2f19747ff66d051f2c94b66128e703227ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Px: ms kf43FRA,ht PS-FRA-01nxn162FRA
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_kf45_18689-34166
Content-Length: 54421
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Jun 2021 09:56:05 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "Sw2oyJ5E2WaGrkLgLuupkJNM/Fw2ekjQHvq/m4djhK0="
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Via: 1.1 PS-FRA-01nxn162:5 (W), 1.1 kf43:2 (W)
Cache-Control: public, max-age=2764800
Link: <http://assets.infosecurity-magazine.com/webpage/original/468eb7eb-13eb-44eb-9721-8fbed7948d42.jpg>; rel="canonical"
Expires: Tue, 20 Jul 2021 09:57:57 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN8rsOUuhp.woff2
fonts.gstatic.com/s/opensans/v20/ 15 KB
15 KB 11ms
9ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v20/mem5YaGs126MiZpBA-UN8rsOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:400,400italic,700%7cOpen+Sans:400italic,800

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.infosecurity-magazine.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:48:18 GMT
x-content-type-options: nosniff
age: 567466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15188
x-xss-protection: 0
last-modified: Tue, 18 May 2021 21:21:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:48:18 GMT

GET
H/1.1 200
OK Cookie set / Show response
www.infosecurity-magazine.com/webpage-view/ 0
667 B 67ms
66ms XHR
text/plain 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/webpage-view/?webpageId=130008&utmSource=hs_email&utmMedium=email&utmContent=134767550

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy; _ga=GA1.2.849461824.1624062365; _gid=GA1.2.686316192.1624062365
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 PShlamstdAMS1qj18:5 (W), 1.1 PSdgflkfFRA1je97:13 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Set-Cookie: ISM.Visitor=vid=17d5bf06-e45f-4894-bf1f-d97c512e392b&cs=hs_email&cm=email&cc=134767550; expires=Tue, 20-Jul-2021 00:26:05 GMT; path=/
Cache-Control: private
X-Px: ms PSdgflkfFRA1je97FRA,ms PShlamstdAMS1qj18AMS(origin)
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8465-22019
Content-Length: 0
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
98 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c01::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-7632735-1&cid=849461824.1624062365&jid=1974133693&gjid=1844788263&_gid=686316192.1624062365&_u=IGBAgAADAAAAAE~&z=64858935

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 19 Jun 2021 00:26:04 GMT
content-type: text/plain
access-control-allow-origin: https://www.infosecurity-magazine.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=199578659&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IGBAgAAD~&jid=1974133693&gjid=1844788263&cid=849461824.1624062365&tid=UA-7632735-1&_gid=686316192.1624062365&z=547507258

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 18 Jun 2021 05:35:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 67827
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021061503.js Show response
securepubads.g.doubleclick.net/gpt/ 325 KB
115 KB 120ms
42ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

sffe /

Resource Hash

408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 15 Jun 2021 21:10:23 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116743
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:04 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-7632735-1&cid=849461824.1624062365&jid=1974133693&_u=IGBAgAADAAAAAE~&z=1222514765

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 00:26:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-7632735-1&cid=849461824.1624062365&jid=1974133693&_u=IGBAgAADAAAAAE~&z=1222514765

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 00:26:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-xss-protection: 0
pragma: public
x-fb-debug: Kzv5hoJlnvXiR9lwGlCY83GEjbnPASdV3kxBakk4q2WDmD2rwCRE0Kts9C6FAEwCjzXZo5iuB0ejZilOGU2JaA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 19 Jun 2021 00:26:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 110ms
37ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16581
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 360 B
954 B 62ms
62ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=disqus&id=130008

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy; _ga=GA1.2.849461824.1624062365; _gid=GA1.2.686316192.1624062365; _gat=1; ISM.Visitor=vid=17d5bf06-e45f-4894-bf1f-d97c512e392b&cs=hs_email&cm=email&cc=134767550
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 kf161:1 (W), 1.1 PS-FRA-01E6z147:0 (W), 1.1 PSdgflkfFRA1je97:12 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA1je97FRA,ms PS-FRA-01E6z147FRA,ms kf161FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8465-22025
Content-Length: 360
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/session-control/ 248 B
842 B 62ms
61ms XHR
application/json 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/session-control/?method=acctbtns&time=1624062364967

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy; _ga=GA1.2.849461824.1624062365; _gid=GA1.2.686316192.1624062365; _gat=1; ISM.Visitor=vid=17d5bf06-e45f-4894-bf1f-d97c512e392b&cs=hs_email&cm=email&cc=134767550
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:04 GMT
Via: 1.1 kf161:1 (W), 1.1 PS-FRA-01E6z147:0 (W), 1.1 PSdgflkfFRA1je97:12 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA1je97FRA,ms PS-FRA-01E6z147FRA,ms kf161FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8624-59526
Content-Length: 248
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H/1.1 200
OK / Show response
www.infosecurity-magazine.com/nav/mobile/ 5 KB
5 KB 117ms
63ms XHR
text/html 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.infosecurity-magazine.com/nav/mobile/

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: ASP.NET_SessionId=z2zufgkzertfes3eeuowxpqy; _ga=GA1.2.849461824.1624062365; _gid=GA1.2.686316192.1624062365; _gat=1; ISM.Visitor=vid=17d5bf06-e45f-4894-bf1f-d97c512e392b&cs=hs_email&cm=email&cc=134767550
Connection: keep-alive
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Accept: */*
Referer: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:05 GMT
Via: 1.1 PS-FRA-01nxn162:8 (W), 1.1 PS-FRA-01E6z147:8 (W), 1.1 PSdgflkfFRA1eq94:9 (W)
X-Content-Type-Options: nosniff
Server: PWS/8.3.1.0.8
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000
Content-Type: text/html; charset=utf-8
Cache-Control: private
X-Px: ms PSdgflkfFRA1eq94FRA,ms PS-FRA-01E6z147FRA,ms PS-FRA-01nxn162FRA(origin)
Connection: keep-alive
X-Ws-Request-Id: 60cd399c_PSdgflkfFRA1dm9_8465-22029
Content-Length: 4899
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-4d79fed038d59786/ 483 B
436 B 44ms
40ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-4d79fed038d59786/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
etag: -1567020332--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=25, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 260

GET
H3-29 200 cse_element__en.js Show response
www.google.com/cse/static/element/323d4b81541ddb5b/ 274 KB
90 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92213
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 07:04:42 GMT

GET
H3-29 200 default+en.css
www.google.com/cse/static/element/323d4b81541ddb5b/ 41 KB
9 KB 8ms
8ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/element/323d4b81541ddb5b/default+en.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 07:04:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9032
x-xss-protection: 0
last-modified: Wed, 27 Jan 2021 19:23:46 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 17 Jun 2022 07:04:42 GMT

GET
H3-29 200 default.css
www.google.com/cse/static/style/look/v4/ 4 KB
4 KB 9ms
9ms Stylesheet
text/css 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/cse/static/style/look/v4/default.css

Requested by

Host: www.google.com
URL: https://www.google.com/cse/cse.js?cx=013025419539759983845:qhnrzazqj0o

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 23:44:39 GMT
vary: Accept-Encoding
last-modified: Wed, 17 Jun 2020 00:00:00 GMT
server: sffe
x-content-type-options: nosniff
age: 2485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: text/css
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4495
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:34:39 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 17 KB
6 KB 29ms
28ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: H8Znzy3Akix+HhQXpXQuNw==
age: 4925
vary: Accept-Encoding
content-length: 5809
cf-request-id: 0ac34225860000176a588c5000000001
x-ms-lease-status: unlocked
last-modified: Fri, 18 Jun 2021 16:05:48 GMT
server: cloudflare
etag: 0x8D93272F052B8CD
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0215cc61-601e-008a-7f63-6462c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66189fb5a980176a-FRA

GET
H/1.1 200
OK embed.js Show response
infosecuritymagazine.disqus.com/ 74 KB
25 KB 125ms
34ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecuritymagazine.disqus.com/embed.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

0e3c83f1020b79cf34d7f5df0b4afdf8855fd21cdb10f3a80f01156299da34f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:05 GMT
Content-Encoding: gzip
Server: openresty
Age: 58
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24659

GET
H3-29 200 580638648955413 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 70ms
69ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/580638648955413?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2a8aa8a8029664f34fcb68e9419e9f8da62752a01cd34bdd0284d607c204ef41

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: QyGIzMkYSlh1CS2+ZiKWHkEJN0ShMIRhqAUXvP4Z86TngZ0rGsRIzJLYkQ1WFxsDru+AlrSP0F+B4p8tcSvN/g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 19 Jun 2021 00:26:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 43ms
41ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sat, 19 Jun 2021 00:26:05 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.infosecurity-magazine.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
11 KB 160ms
104ms XHR
text/plain 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1976912893722289&correlator=2480257866215288&output=ldjh&impl=fifs&eid=31061161%2C31061475%2C31061200&vrg=2021061503&ptt=17&sc=1&sfv=1-0-38&ecs=20210619&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cnovel-phishing-attack-abuses&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%2C728x90%2C728x90&cust_params=topics%3DCybercrime%252CHuman%2520Factor%252CPhishing%252CSocial%2520Engineering%252CSecurity%2520Training%2520and%2520Awareness&cookie_enabled=1&bc=31&abxe=1&lmt=1624062365&dt=1624062365186&dlt=1624062364428&idt=725&frm=20&biw=1600&bih=1200&oid=3&adxs=1022%2C250%2C622&adys=812%2C68%2C1843&adks=1248662450%2C519797243%2C3599760947&ucis=1%7C2%7C3&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=356x965%7C1100x0%7C728x51&msz=356x56%7C728x90%7C728x0&ga_vid=849461824.1624062365&ga_sid=1624062365&ga_hid=199578659&ga_fc=false&fws=128%2C128%2C128&ohw=0%2C0%2C0&btvi=0%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

347488be9026d7e19f7da061d34af37b4b7056ab0ffd2a0d70a6d9dd033b8f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11527
x-xss-protection: 0
google-lineitem-id: 5711131422,5711131422,5687292392
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138351953982,138352297003,138349296841
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.infosecurity-magazine.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 71ms
15ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 async-ads.js Show response
cse.google.com/adsense/search/ 186 KB
65 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/adsense/search/async-ads.js

Requested by

Host: www.google.com
URL: https://www.google.com/cse/static/element/323d4b81541ddb5b/cse_element__en.js?usqp=CAI%3D

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42a468e720ccf24b6fc35c4af0138acf35ee109270b7a6110e74ff820971d607

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
vary: Accept-Encoding
server: sffe
x-content-type-options: nosniff
etag: "12071231439353319562"
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H3-29 200 branding.png
www.google.com/cse/static/images/1x/en/ 1 KB
1 KB 8ms
6ms Image
image/png 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/en/branding.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:43:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 578565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1372
x-xss-protection: 0
expires: Sun, 12 Jun 2022 07:43:20 GMT

GET
H2 204 generate_204
clients1.google.com/ 0
199 B 36ms
5ms Image
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clients1.google.com/generate_204
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 6b575081-117f-49ba-bff7-347875107505.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/ 3 KB
2 KB 12ms
12ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f2954f62d214e6071faac26ee729343e6e2daee732a017a1fd45cb26ede64b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: xRqYQR7/U+dzRX/LS9DqZg==
age: 2538
vary: Accept-Encoding
content-length: 1158
cf-request-id: 0ac342266a00004e2c68249000000001
x-ms-lease-status: unlocked
last-modified: Tue, 27 Apr 2021 18:43:33 GMT
server: cloudflare
etag: 0x8D909AC5C247538
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 6105fb0a-f01e-0180-086e-5e3d19000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66189fb70c214e2c-FRA

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ 0
26 KB 57ms
16ms Other
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 5IFm5CNhrXpI-TJ4ystx1Mwtv9tA_4T15J0dBgXrVncHvDwhX_nXyw==
x-cache-hits: 0

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js
c.disquscdn.com/next/embed/ 0
93 KB 57ms
17ms Other
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: uNOvtmZFKvHaTrFDdElM7fhayN7deIMpFoR93tNso1IvHh3eJr1B5w==
x-cache-hits: 0

GET
H2 200 lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js
c.disquscdn.com/next/embed/ 0
118 KB 58ms
18ms Other
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 21:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95205
x-cache: Hit from cloudfront
content-length: 120373
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 17 Jun 2021 21:48:37 GMT
server: nginx
etag: "60cbc335-1d635"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 17 Jun 2022 21:59:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 0JUF2gODIJffklcpp5A72nKvJwL49bMud9PnllmWs68las3SQmzbtQ==
x-cache-hits: 0

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
12 KB 72ms
20ms Other
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:05 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 50
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12020
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK recommendations.js Show response
infosecuritymagazine.disqus.com/ 62 KB
21 KB 156ms
156ms Script
application/javascript 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://infosecuritymagazine.disqus.com/recommendations.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

e440a3d8cb47e4ab2204b8ec81fadea4259046608c90ac2e3300d9b2c14737d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:05 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 20742

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
408 B 38ms
15ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 66189fb79bf54e26-FRA
cf-request-id: 0ac34226c300004e266eb96000000001

GET
H3-29 200 error
connect.facebook.net//log/ 67 B
94 B 6ms
6ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://connect.facebook.net//log/error?p=pixel&v=2.9.41&e=Error%3A%20Failed%20to%20check%20if%20the%20current%20pixel%20fired%20pcmInstagramTriggerAttribution%20plugin&s=Error%3A%20Failed%20to%20check%20if%20the%20current%20pixel%20fired%20pcmInstagramTriggerAttribution%20plugin%0A%20%20%20%20at%20b.value%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A17930)%0A%20%20%20%20at%20x%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A56121)%0A%20%20%20%20at%20y%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A56663)%0A%20%20%20%20at%20z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A24%3A56805)%0A%20%20%20%20at%20%24%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10411)%0A%20%20%20%20at%20Function.Z%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8946)%0A%20%20%20%20at%20Function.ma%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A8719)%0A%20%20%20%20at%20Function.X%20%5Bas%20callMethod%5D%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A3661)%0A%20%20%20%20at%20qa%20(https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10617)%0A%20%20%20%20at%20https%3A%2F%2Fconnect.facebook.net%2Fen_US%2Ffbevents.js%3A27%3A10653&ue=0&rs=stable&rqm=FGET

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 67
x-xss-protection: 0
pragma: no-cache
x-fb-debug: LIwMxqtFC2FHoLPhsySCOtZZUBaRniTsIO41OEay+nHgOegeXxsQuGfAZMoyyv4cQYlQmMltCbbJ0WC8dJYqOQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Jun 2021 00:26:05 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&rl=&if=false&ts=1624062365380&sw=1600&sh=1200&v=2.9.41&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1624062365377.1779718046&it=1624062365137&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E136 0
0 81ms
80ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssI57q-EQYCVI0iPsu6v5RiqeD5Sz5UhLOYbqQ1baP3KnJLJqPLCLGOlkTMGyEcWlChziyZcGciC4ewAKPsTtWKlSy4TuYqCTx4-zrac-HwSmD5SqkW_gp0N0IBP6UNo9nKU2Atsn1kGc711fIpOz9wU8vnSJU1X1ikOui8ubAARQE3H5QWGCXOd4wmcoQp2MlsNjgTdvn4APUBQduB_swZA9iTaeDHvpL1Mxke1wa-hMFJMDICvwHMGJH5lsY-CK9zAoeBopedq070BBwNdUH0t3zxDKJ-LfOBSm23tFVy7dQcTXyU5TS1utfF4Ct9dtMUI1H1_AszToirlMRnkBIj-gDdFYq0NFpTfNqETJNiGNDBx73alw&sai=AMfl-YT9LVrwPuzybRUe4jdgMqkZi5G9V566Bn77XBH5VIa_0RV3w5Zp_kxo4KgSAkEz5MB7V1FW4M_2z_0kdwfCceWbOQn4k_ZPGBkjuXKrpxyyV-OTpfQyeZDSHTNxjyYZ&sig=Cg0ArKJSzHUjRD3gwloMEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame E136 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 00:08:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E136 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E136 0
0 16ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnT4kmXSq1Sb946S-RQ66Ni2lnxhXS3s2jaD489NrBUu4Fx7xd0JdH6lYl0WX59dTrBJeNLPtudcW17uKHutC0UT4IEw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 34079112646395041
tpc.googlesyndication.com/simgad/ Frame E136 41 KB
41 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/34079112646395041

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b8c229b280509bd36b9f1be2d30718cba94bafdb38c1e47f2ba22e2776b5ea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 16:21:10 GMT
x-content-type-options: nosniff
age: 547495
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41738
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 11:19:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 16:21:10 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A3FD 0
0 81ms
80ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuQeOjnKKoqZ1NLHjbMrX1pxOijAICY_BIUh1Dq9HaBTXlOXtdfUoTjWFPOF4R3P09PxKYSoj0jRyfGqNXQxW3uMjkjwwlSf6achny1Ojl56r8MxYvzaW0kN_y6Fd3jCurlDccj4WQc2fuirdfB9mUlu0V3oKQKBgfxG2oIluxaJxhW-Y-XzzVD83GZxmrRvTAX70eQROXUnu3JmHT0eeG_XegjTuyoU2eKrX9UKKZZVy_6lYyFgOawzPcDiaHtSTjftExXAqwRQkRrsPOCnAeKkTukUNptVz6hVhniLzMqJOIyaJkdtuDPxxiK-xhDLMdUMo1eYZfJEZ1xjaPl7T6AV4d__MLbpGn7uK65qbuCjHbB643LRA&sai=AMfl-YRuDjK7vlKxZ68Yy6HqQnXDm1HBMChb4IR9QEHjKZMU8V824Vp5sMgO9-I-Vp6O9Rvhp4bass0SmdDqiYXZani261hILNLozknYoq4EeKyFY4wIdHcOrUs7l7BnMJto&sig=Cg0ArKJSzJu4_2vOl4H8EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame A3FD 3 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 00:08:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3FD 122 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H2 200 4971553326728651519
tpc.googlesyndication.com/simgad/ Frame A3FD 47 KB
47 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4971553326728651519

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08265c2136c63de0a245f13ff6b7a195addac15def24ccb7a57cdef5c18a4b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:47:02 GMT
x-content-type-options: nosniff
age: 556743
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47714
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 11:19:57 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:47:02 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 719C 0
0 81ms
81ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstW2veQuvOp1q9TP_hO0MAwWq1UEHRyzJk7Xe3fe6WElqMj0JX17LYoOPs8URPfjN7gN3aARg8d8jf95G4PxuOmIC5KOHFl1k7IXrGqBHpE20LXKi345vhwBzkcjUXlTGWTUViVKnKypqkvXD5ng65CV3Uw6bO44sogdr8RhXJFRgfEHG_bAjU7LrzWq2-UVD9YrcUNHQEtBspIQeee5cVbp-xRUAlXs72T-WD-c7w4uANCXBTLHdwrdgjqzE-_lTKNIGoyCQdrDRe1-yHRZnkkQh0lM9vsGUmziOd9lcSIfdC_dkR_3EBE2eLJiaGuOQk3jwLJGc7kJ70R19rZeeNr-4VqazROZ9dYhGuoJoRHHVHr8dvZZQ&sai=AMfl-YR8b6TrI3i_yxd1YIRcaaRzfJNlvj1Z8aPcTQdjmRW6nE0V9_ClibUKbMGls91v9vHVec4QXQggkC6KFJ9OOycT8SVi3FSoyrS8N27N8s1zjmhV6etCnYxgWmn-qRcs&sig=Cg0ArKJSzAm2FbTpxx55EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/ Frame 719C 3 KB
1 KB 10ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210616/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:08:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1035
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1385
x-xss-protection: 0
server: cafe
etag: 10711834930267210186
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jul 2021 00:08:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 719C 122 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842920177421"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38075
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 719C 0
0 19ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRdLaMpeV7x2gSpjFhUp1AP_0Sy6_RERdfzABqdqqPH-cae2ZpLk6UAKdKy9wDUU695m6rChE9jlb9qxAo0-g5KlD_0hw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14234354444486907342
tpc.googlesyndication.com/simgad/ Frame 719C 25 KB
25 KB 11ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14234354444486907342

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee8be77c8812a4aac22fbe837180334f294778a79fc4f3aa4e15dbcba32264fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 05:44:31 GMT
x-content-type-options: nosniff
age: 499294
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25645
x-xss-protection: 0
last-modified: Fri, 07 May 2021 14:26:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 05:44:31 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623842926269324"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28241
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 0091 7 KB
4 KB 142ms
141ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e21813fee9b8d5f7b0e70d520968492a0b67c5778c341dfe38d07715b0c37b33

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.infosecurity-magazine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

Connection: keep-alive
Content-Length: 2781
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Fri, 18 Jun 2021 12:13:59 GMT
ETag: W/"lounge:view:8600435669.2d2a59bb5ba33cb0439365e9bb5fa6be.2"
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 19 Jun 2021 00:26:05 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.17.0/ 377 KB
84 KB 16ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 66Z8bY5FXXAAikIS37tpYA==
age: 4906739
vary: Accept-Encoding
content-length: 85833
cf-request-id: 0ac34227470000176a2688d000000001
x-ms-lease-status: unlocked
last-modified: Tue, 20 Apr 2021 14:24:16 GMT
server: cloudflare
etag: 0x8D90407FA712F62
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e70f6f2c-901e-0017-5401-381885000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66189fb87c6e176a-FRA
expires: Sun, 27 Jun 2021 00:26:05 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame E136 0
0 113ms
70ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsusDXENLBgtNRkngovl8x5wxrn6wIgurI7ywi-d4zc7QSbWyvGqcaMJe7tdI32ADGrUXImwJNQwKgnJBKRZ17wOGqEKRAsHUpaRp2Eask5AYpBNgQJRsyDqgrmuM7ezzsbWI8fVz8Lvg-zNswiedDavGAoP1MT57MEjYP59DHivwBD6opDHcObK3NgvhLL6Xz0evhp1dksj8rXQDKEiNXRWp4Ux3nTGjIu45cYTV0bgXNW4GfVlZaN-Y_sPmu6aPRu-tuMc0jCg-kZEGI10ZZsY8-DGyFj3MGEBPaxcly0_jGwgEiz0AFJ_sp4_rgdDdfBkg2N0nHHhRCDAdL6QYgljT6-upG48wgPmCpfSKDsIxGdlIppLRdCX&sai=AMfl-YSeKfDETM7TJx2VshDy78OWBL3jbCHjY5twlG8YBwerxlraFxOFIbkjtWX95J-uIBK121ada6cJWeZrBljjOdEWZIb6-4yLom1oIpOsRCS3T7AKfj39gE1AX0h2bagu&sig=Cg0ArKJSzLCFWAXtIrZiEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
DATA 200
OK truncated
/ Frame E136 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81abd40de061c326e8166eae85b169ca275918685d7fd54ec88ea30a7d1fb0d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A3FD 0
0 84ms
68ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssy2eJB3ZcoishjCNdlfCsOrmKu88Bse4t6-EdoDiRDB-HUfFVl_U6YsYnp1dFNPSeoCoWX9UPGw_wgNTpav13405L0O82juy3BgLWVKa4t6B5fhWNcsG1Po4_lxO3VXMNojF6eDcYPixT12FL-5TtGBCMf2vlKP8og9odWzbce-UDtvXjpWvUSFGEPbQY0BABcKqoZIdByW01oTcnS2Fk4byMTd3CkJHlQc2-Vqb8ROscDxGJhS9SkgXh7tHGDBjUDJ0sKssMrVBcX05v5Na0e0EM_jgLrKYjd_wNmrWbtSLJxy9TBdfmsTtFzy9sx3amEnFvnW4Tr51lso0naRQHWpj-mV8GNMnQii7nsiucvNyq0VSmx967e&sai=AMfl-YRs8mMVdtnqvLf-3tPCWtT65UrEORO_iVsmjrElNH3h19U310dGje5YWS45vJtqbPu1wN2dwU9dlp2qRJvi5ahV7eHDY6Q3VR2ebmmOQLdCqDGWi7z74uURfwg4_hrN&sig=Cg0ArKJSzBJNCtDjHTS6EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
DATA 200
OK truncated
/ Frame A3FD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8ddcb8fa387018c468032e6a85a0bef51825db83a91996ec9879fb827073fb5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 719C 0
0 73ms
69ms Fetch
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCT_gDkIuqPtHIU5TmxoOXM6RxOevXx-PTslIm_abDBoCBSqAM4ba4gl17LUT_QipI8GLGj--7Gf2vvo9TaaaT-NK8VMPMQS5tZt8_Vc18xOmdh0rn3ZwQb2bNvum2CCIXBWZkXtDpm_GzFSd7UIYb3evHsHfH7RfGwkAWBb6aok8oJz28Qll-k2QlLW39b84QrcYdQi8Vmzggf-YniVQhESb8722QTYC7QzeboKJgZGBIGeT2Oc2t0Le0jVABqqqevWTsSUoEGXVNFvQR7y3uQrx1i6jhaYZ3PI8scpQO9Pd8COYXEDnLfFoGQUxkjy5vALKgXOm8xns--2TuEUr_d4YVBtcYYcJuGcZSEdNjQQLEC8H85f1A&sai=AMfl-YS3QPvsSp3Y0wl-r-fvk4QiBQzQ1D8UQTvS_4D6XotvcgwaPw_td5sqU0Mn7OoeCriud6OHDrSgSNs44gUWAqKsyiFrdBt0Nt9QSmNXVP6lHPMDv3JMFwrMuJxEbUez&sig=Cg0ArKJSzJJTwcDSmtP3EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sat, 19 Jun 2021 00:26:05 GMT

GET
DATA 200
OK truncated
/ Frame 719C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c02a1b659fec9ed91a993cb21644610aad971b900e0c0e2e27aee29e329a70b9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 0
4 KB 16ms
14ms Other
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3774817
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: m4kS7zPxlPABf9EE3-mXyB-JFRyjg2viEyLus_eBRwgxKvFgyee4tA==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js
c.disquscdn.com/next/recommendations/ 0
87 KB 16ms
15ms Other
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971755
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: N1CwwQBf6DGDqoVzJJNhuaXTDyFUEFvmAM0lw54dlzhPMDvMQtDK9w==
x-cache-hits: 0

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js
c.disquscdn.com/next/recommendations/ 0
20 KB 20ms
18ms Other
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971755
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: dq0JEf0gYa6MDYV-2hmJF-rgyfOXsYYMjEzTmZvhPC3VMZKCSXaRWA==
x-cache-hits: 0

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/e331b800-e0ae-45a2-87fa-0bfa145c8342/ 49 KB
12 KB 15ms
15ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/e331b800-e0ae-45a2-87fa-0bfa145c8342/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f8e5b2015a0326a411109736edc0b0db208cb9019e2befdf6c6fdf3ee1bb78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zbG9+Yt6M0Rp2xLklQj4Bw==
age: 2537
vary: Accept-Encoding
content-length: 12585
cf-request-id: 0ac342280800004e2c688e3000000001
x-ms-lease-status: unlocked
last-modified: Thu, 08 Apr 2021 16:24:40 GMT
server: cloudflare
etag: 0x8D8FAAACFB9E3E2
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: c06cd5af-601e-002b-4536-36ac5e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66189fb9a8344e2c-FRA

GET
H2 200 lounge.load.d540fd3421e2252f4918b57237dfe813.js Show response
c.disquscdn.com/next/embed/ Frame 0091 1 KB
1 KB 43ms
14ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.d540fd3421e2252f4918b57237dfe813.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

6963499aab5ee1eae71b078d0576ac74a910dfd8090553b83241374224543fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 21:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95205
x-cache: Hit from cloudfront
content-length: 534
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 17 Jun 2021 21:48:36 GMT
server: nginx
etag: "60cbc334-216"
content-type: application/javascript; charset=utf-8
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
expires: Fri, 17 Jun 2022 21:59:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: AjRP4RjRUjSeDM8sxtCYA4euCPykypg3-Lw32uwwr33n8s8LtKmYtA==
x-cache-hits: 0

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.17.0/assets/ 9 KB
3 KB 12ms
11ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.17.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.17.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 19 Jun 2021 00:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DYIWRFwWAxeWZ0Ct/hqpNg==
age: 4509841
vary: Accept-Encoding
content-length: 2571
cf-request-id: 0ac342282a00004e2c439e3000000001
x-ms-lease-status: unlocked
last-modified: Mon, 26 Apr 2021 19:14:40 GMT
server: cloudflare
etag: 0x8D908E78AB6AC3E
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 75c138e2-401e-0133-509d-3bc79e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=691200
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 66189fb9d87d4e2c-FRA
expires: Sun, 27 Jun 2021 00:26:05 GMT

GET
H/1.1 200
OK / Show response
disqus.com/recommendations/ Frame 4700 5 KB
3 KB 123ms
122ms Document
text/html 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/recommendations.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

4964fa2f6412267ca4fce432d3be7dc187e8895edc91c11fa2802980ea47c00a

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.infosecurity-magazine.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

Connection: keep-alive
Content-Length: 2340
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified: Sat, 12 Dec 2020 06:41:32 GMT
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Sat, 19 Jun 2021 00:26:05 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js Show response
c.disquscdn.com/next/embed/ Frame 0091 282 KB
93 KB 15ms
14ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.d540fd3421e2252f4918b57237dfe813.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 94800
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-17250"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: ZArDfBwJzBB6FbZ7mv07zDIjtAjsB5S43vcUdYTh7RAWYx8fanZ9pg==
x-cache-hits: 0

GET
H2 200 lounge.567531e1abfac5c88f2ef94b952d12ba.css
c.disquscdn.com/next/embed/styles/ Frame 0091 158 KB
26 KB 15ms
14ms Stylesheet
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 25570
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-63e2"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:09 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 0hee8ywbJ_cKIBlhWq83cnzNONqbR1EXLHwmCw-_ormLb4QqCb8PXw==
x-cache-hits: 0

GET
H2 200 lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js Show response
c.disquscdn.com/next/embed/ Frame 0091 467 KB
118 KB 15ms
14ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4f1cd5683319e039a90798160fcea90ffa82d2a677f5c4b685134a795ebc9e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 17 Jun 2021 21:59:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95205
x-cache: Hit from cloudfront
content-length: 120373
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Thu, 17 Jun 2021 21:48:37 GMT
server: nginx
etag: "60cbc335-1d635"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 17 Jun 2022 21:59:20 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: 7nB22INGdpSKumcj9A2yEAk4EQ7O8rJYTtyxZeYdMGwl2TKrODzvTA==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 0091 12 KB
12 KB 61ms
21ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eea4ac1d9ce2e035c5810e6b8d764e24b86d236c49a1fe42d098a07a9845525b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:05 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 51
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12020
X-XSS-Protection: 1; mode=block

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryk5fA9IAoDA1t7WDo

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Sat, 19 Jun 2021 00:26:05 GMT
content-type: text/plain
access-control-allow-origin: https://www.infosecurity-magazine.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 0091 3 KB
3 KB 123ms
123ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=infosecuritymagazine&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c7b3d263bb705d6aef09e3ba1d148f24530d68aec46b2c5cfc3db30d2b1262f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3157
X-XSS-Protection: 1; mode=block

GET
H2 200 recommendations.load.f22fce76ee94f29aa709a0de464f3303.js Show response
c.disquscdn.com/next/recommendations/ Frame 4700 923 B
1018 B 14ms
13ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Requested by

Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971755
x-cache: Hit from cloudfront
content-length: 448
x-xss-protection: 1; mode=block
x-served-by: static-web-2
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-1c0"
content-type: application/javascript; charset=utf-8
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: ocOt_Md1RgfTxbSTq_rg9viiq-RABM1mCWofC06o_NNMxxKeLx5hWQ==
x-cache-hits: 0

GET
H/1.1 200
OK threadDetails.json Show response
disqus.com/api/3.0/embed/ Frame 0091 36 B
419 B 115ms
115ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/embed/threadDetails.json?thread=8600435669&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.e51fe378e0cd63a2764bfb6c7ca542a8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
X-Requested-With: XMLHttpRequest
X-Disqus-Publisher-API-Key: 0JINRPVhFn1P1qPXUgbEdOMtGkffd8fTwQwnBtgG8Z5ljCZbwDI0Xfi1ABLYrTk6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Disqus-Remote-Auth: ({})

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 36
X-XSS-Protection: 1; mode=block

GET
H2 200 noavatar92.png
a.disquscdn.com/1623278138/images/ Frame 0091 2 KB
2 KB 116ms
33ms Image
image/png 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://a.disquscdn.com/1623278138/images/noavatar92.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:06 GMT
x-content-type-options: nosniff
last-modified: Fri, 26 Feb 2021 20:50:09 GMT
server: nginx
age: 701703
etag: "60395f01-66c"
strict-transport-security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
x-xss-protection: 1; mode=block
cache-control: max-age=2592000
x-amz-cf-pop: FRA2-C2
content-type: image/png
content-length: 1644
x-amz-cf-id: gwmSf1x2XUK5RFUWYP4jpFLceRy4By5JB4czoOElTiAUynV9vSJviw==
expires: Sat, 10 Jul 2021 21:31:02 GMT

GET
DATA 200
OK truncated
/ Frame 0091 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK disqus-login.png
www.infosecurity-magazine.com/_common/img/ Frame 0091 4 KB
5 KB 39ms
38ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/disqus-login.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Sat+Jun+19+2021+02%3A26%3A05+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=49962771-e661-4357-801f-568772cb20fa&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email
Connection: keep-alive
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
Via: 1.1 PSygldLON2sq21:3 (W), 1.1 PShlamstdAMS1lb17:0 (W), 1.1 PSdgflkfFRA1dm92:13 (W)
X-Content-Type-Options: nosniff
Age: 284723
X-Px: ht PSdgflkfFRA1dm92FRA
Connection: keep-alive
Content-Length: 4554
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "62a47914cf8dd61:0"
X-Ws-Request-Id: 60cd399e_PSdgflkfFRA1dm9_8465-22070
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0091 13 KB
13 KB 15ms
15ms Image
image/svg+xml 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:39:51 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4376775
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 29 Apr 2022 08:39:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: zD93AgnvjAa_MREEakOQpmRVIFHuAfycc5Y9EPFBZfrxY9OYG7uXTg==
x-cache-hits: 0

GET
H2 200 loader.ba7c86e8b4b6135bb668d05223f8f127.gif
c.disquscdn.com/next/embed/assets/img/ Frame 0091 3 KB
3 KB 16ms
15ms Image
image/gif 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/loader.ba7c86e8b4b6135bb668d05223f8f127.gif

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:01:22 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3972284
x-cache: Hit from cloudfront
content-length: 2971
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-b9b"
content-type: image/gif
access-control-allow-origin: *
expires: Wed, 04 May 2022 01:01:22 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: _AX1OYCIJHQjMgXQlJoPkUIXtgPXsTT8EnTTYMQYUtkcFyIW2nFAsQ==
x-cache-hits: 0

GET
H2 200 sprite.654110a9206fd22f08cca0798e34a65e.png
c.disquscdn.com/next/embed/assets/img/ Frame 0091 2 KB
2 KB 16ms
15ms Image
image/png 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/sprite.654110a9206fd22f08cca0798e34a65e.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:17:18 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3798528
x-cache: Hit from cloudfront
content-length: 1862
x-xss-protection: 1; mode=block
x-served-by: static-web-2
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-746"
content-type: image/png
access-control-allow-origin: *
expires: Fri, 06 May 2022 01:17:18 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 4ll-hu8wcKC0BAv-AOXSR_QUG6rR6-CxKiBMGq78H7npIWanvx1How==
x-cache-hits: 0

GET
H2 200 icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2
c.disquscdn.com/next/embed/assets/font/ Frame 0091 8 KB
8 KB 14ms
14ms Font
application/octet-stream 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/assets/font/icons.4cc7a703d2fdfe684151ff8ac24d45f1.woff2

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 05:29:27 GMT
via: 1.1 cca9137c259ad738f790039a45561cef.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 3783399
x-cache: Hit from cloudfront
content-length: 7900
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-1edc"
content-type: application/octet-stream
access-control-allow-origin: *
expires: Fri, 06 May 2022 05:29:27 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ctVcDRjxShTMnZlBB32jyKf3MPOsinmcwgixlb06RVNkkhsvcP44EA==
x-cache-hits: 0

GET
H2 200 svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg
c.disquscdn.com/next/embed/assets/img/ Frame 0091 13 KB
13 KB 15ms
15ms Image
image/svg+xml 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.disquscdn.com/next/embed/assets/img/svg-sprite.4da5413f5086c5755b46094b813dbfcd.svg

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://c.disquscdn.com/next/embed/styles/lounge.567531e1abfac5c88f2ef94b952d12ba.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 29 Apr 2021 08:39:51 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4376775
x-cache: Hit from cloudfront
content-length: 13079
x-xss-protection: 1; mode=block
x-served-by: static-web-1
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-3317"
content-type: image/svg+xml; charset=utf-8
access-control-allow-origin: *
expires: Fri, 29 Apr 2022 08:39:51 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 9lZacHHVzwQIhhHc6Ytijcb-P-XWXg3KE4gtDCFOGO-xct1zQuVgFQ==
x-cache-hits: 0

GET
H/1.1 200
OK disqus-login.png
www.infosecurity-magazine.com/_common/img/ Frame 0091 4 KB
5 KB 37ms
36ms Image
image/png 163.171.128.148
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.infosecurity-magazine.com/_common/img/disqus-login.png

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.bundle.56cd48e5a629f9154816339b3fb2942a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

163.171.128.148 , Germany, ASN54994 (QUANTILNETWORKS, US),

Reverse DNS

Software

PWS/8.3.1.0.8 /

Resource Hash

92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: cross-site
Accept-Encoding: gzip, deflate, br
Host: www.infosecurity-magazine.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
Cookie: OptanonConsent=isIABGlobal=false&datestamp=Sat+Jun+19+2021+02%3A26%3A05+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=49962771-e661-4357-801f-568772cb20fa&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email
Connection: keep-alive
Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
Via: 1.1 PSygldLON2sq21:3 (W), 1.1 PShlamstdAMS1lb17:0 (W), 1.1 PSdgflkfFRA1dm92:13 (W)
X-Content-Type-Options: nosniff
Age: 284723
X-Px: ht PSdgflkfFRA1dm92FRA
Connection: keep-alive
Content-Length: 4554
X-XSS-Protection: 1; mode=block
X-UA-Compatible: IE=Edge
Last-Modified: Fri, 18 Sep 2020 15:19:19 GMT
Server: PWS/8.3.1.0.8
X-Frame-Options: SAMEORIGIN
ETag: "62a47914cf8dd61:0"
X-Ws-Request-Id: 60cd399e_PSdgflkfFRA1dm9_8465-22078
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Accept-Ranges: bytes

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 5976 337 B
806 B 21ms
15ms Stylesheet
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3796001
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 01:59:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: bf5OZrKGy8O0euqD1y-R3pOM-jj5-s_NP50GDBgdNpTaNzh03A6F6w==
x-cache-hits: 0

GET
H2 200 realtime.af77184dec69e96e69aff958ae2bb738.css
c.disquscdn.com/next/embed/styles/ Frame 2AA2 337 B
806 B 15ms
15ms Stylesheet
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/realtime.af77184dec69e96e69aff958ae2bb738.css

Requested by

Host: infosecuritymagazine.disqus.com
URL: https://infosecuritymagazine.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3796001
x-cache: Hit from cloudfront
content-length: 244
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-f4"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 01:59:25 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: rFyyYFV7Pr8zi0Cjk6WowX2-Z9WQ0R6rEfAEIrWgp1pDwsu7vyxnJw==
x-cache-hits: 0

GET
H2 200 common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js Show response
c.disquscdn.com/next/recommendations/ Frame 4700 262 KB
87 KB 15ms
15ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/recommendations.load.f22fce76ee94f29aa709a0de464f3303.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 88889
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-15b39"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: X0DuX3RG6MRYEPA-eZST7B0SnJ3xBX8HJ75kyN_jtS6f-KMF0mMgUA==
x-cache-hits: 0

GET
H/1.1 200
OK event.gif
referrer.disqus.com/juggler/ Frame 0091 43 B
295 B 197ms
125ms Image
image/gif 151.101.112.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/event.gif?abe=0&embed_hidden=0&load_time=288&event=init_embed&thread=8600435669&forum=infosecuritymagazine&forum_id=3082669&imp=3nkcqujh710ki&prev_imp&thread_slug=novel_phishing_attack_uses_google_drive_and_docs_infosecurity_magazine&user_type=anon&referrer=https%3A%2F%2Fwww.infosecurity-magazine.com%2F&theme=next&dnt=0&tracking_enabled=0&experiment=network_default_hidden&variant=fallthrough&service=dynamic&promoted_enabled=false&max_enabled=false

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&s_o=default
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H2 200 nr-1209.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 40ms
40ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1209.min.js
Requested by: Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/?utm_medium=email&_hsmi=134767550&_hsenc=p2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ&utm_content=134767550&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Ilyf2heqjbcb6UZHMuleD6bz44kdIrhk
content-encoding: gzip
etag: "ceffb14d16467e17c5360bf7880099fa"
x-amz-request-id: 9YTDKWS1KTJXVYR4
x-cache: HIT
content-length: 11738
x-amz-id-2: 63K0lT5syZe/JXm2RFqz3WvEIKlzAnzZaX0a32Ic9IwKZ+jnpxTdn4e7D+ymi1CMhPNPcBqN3b0=
x-served-by: cache-hhn4061-HHN
last-modified: Thu, 20 May 2021 23:21:18 GMT
server: AmazonS3
x-timer: S1624062366.292119,VS0,VE0
date: Sat, 19 Jun 2021 00:26:06 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3574

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 37ms
36ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061503&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2753552f7b5fe770e6b5258f3eee1f440f0ba755e6a5528b5799043f0954a0c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Jun 2021 00:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0

GET
H2 200 recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ Frame 4700 17 KB
4 KB 15ms
15ms Stylesheet
text/css 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 07:52:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3774818
x-cache: Hit from cloudfront
content-length: 3748
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Wed, 28 Apr 2021 21:48:08 GMT
server: nginx
etag: "6089d818-ea4"
content-type: text/css; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Fri, 06 May 2022 07:52:28 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: A_jYcl59DPq2ZV9_NRxOthTjhZl0KwyFxMUPGancHIsQNTg8EVXvTQ==
x-cache-hits: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061503.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Sat, 19 Jun 2021 00:26:06 GMT

GET
H2 200 recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js Show response
c.disquscdn.com/next/recommendations/ Frame 4700 65 KB
20 KB 15ms
15ms Script
application/javascript 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/recommendations/recommendations.bundle.8476f2bb7473dc28853e21b0f06cc058.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 07 Jun 2021 18:30:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 971756
x-cache: Hit from cloudfront
content-length: 20101
x-xss-protection: 1; mode=block
x-served-by: static-web-1
access-control-allow-origin: *
surrogate-key: next
last-modified: Mon, 07 Jun 2021 17:13:02 GMT
server: nginx
etag: "60be539e-4e85"
content-type: application/javascript; charset=utf-8
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
expires: Tue, 07 Jun 2022 18:30:10 GMT
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
x-amz-cf-id: VUr95rPyyyVbC3pvs5ospayKOXsZFTJqK66lOEvu0raGG7jxKqvxew==
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 4700 12 KB
12 KB 21ms
21ms Script
application/javascript 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eea4ac1d9ce2e035c5810e6b8d764e24b86d236c49a1fe42d098a07a9845525b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 52
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 12020
X-XSS-Protection: 1; mode=block

GET
H2 200 NRJS-70b3f9b2c6f17cc4471 Show response
bam.eu01.nr-data.net/1/ 57 B
319 B 108ms
36ms Script
text/javascript 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=86807239&v=1209.f04e2b9&to=MhBSZQoZXxFXWxZbWAtacWIoV0UHW0gOU0MABh9GHRpBA1FdTFNEFQ0%3D&rst=4028&ck=1&ref=https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/&ap=1708&be=2117&fe=3952&dc=2636&perf=%7B%22timing%22:%7B%22of%22:1624062362320,%22n%22:0,%22f%22:165,%22dn%22:166,%22dne%22:251,%22c%22:251,%22s%22:271,%22ce%22:322,%22rq%22:322,%22rp%22:2104,%22rpe%22:2120,%22dl%22:2108,%22di%22:2636,%22ds%22:2636,%22de%22:2666,%22dc%22:3951,%22l%22:3951,%22le%22:3997%7D,%22navigation%22:%7B%7D%7D&fp=2336&fcp=2336&jsonp=NREUM.setToken

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 19 Jun 2021 00:26:06 GMT
via: 1.1 varnish
x-timer: S1624062366.441356,VS0,VE4
strict-transport-security: max-age=300
x-cache: MISS
content-type: text/javascript;charset=ISO-8859-1
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits: 0
accept-ranges: bytes
content-length: 57
x-served-by: cache-hhn4041-HHN

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 4E2E 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.infosecurity-magazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 18 Jun 2021 19:56:47 GMT
expires: Sat, 18 Jun 2022 19:56:47 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16159
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 94C0 783 B
530 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

282e4b96bfae36c200a951fd36b719f76aed4ddee31f3ad9a48b2af6c04422d2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CUJVUMusyl/nMareCpVkLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.infosecurity-magazine.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.infosecurity-magazine.com/

Response headers

expires: Sat, 19 Jun 2021 00:26:06 GMT
date: Sat, 19 Jun 2021 00:26:06 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-CUJVUMusyl/nMareCpVkLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK details Show response
disqus.com/api/3.0/forums/ Frame 4700 3 KB
3 KB 120ms
119ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/forums/details?forum=infosecuritymagazine&attach=forumFeatures&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c7b3d263bb705d6aef09e3ba1d148f24530d68aec46b2c5cfc3db30d2b1262f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Connection: keep-alive
Content-Type: application/json
Vary: Origin, Cookie
Content-Length: 3157
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK listRecommendations.json Show response
disqus.com/api/3.0/discovery/ Frame 4700 6 KB
6 KB 226ms
224ms XHR
application/json 151.101.0.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/api/3.0/discovery/listRecommendations.json?forum=infosecuritymagazine&thread=url%3Ahttps%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&limit=8&api_key=E8Uh5l5fHZ6gD8U3KycjAIAk46f68Zw7C6eW8WSjZvCLXebZ7p0r1yrYDrLilk2F

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/recommendations/common.bundle.3c0a438a5a4962a39ee30fd041fd5ca9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.0.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

c9e9a7336ec8e38cfd53fbdae51d54d3d0ab25eeb3ea1fb944090d1c22df1da3

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://disqus.com/recommendations/?base=default&f=infosecuritymagazine&t_i&t_u=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&t_e&t_d=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine&t_t=Novel%20Phishing%20Attack%20Uses%20Google%20Drive%20and%20Docs%20-%20Infosecurity%20Magazine
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 19 Jun 2021 00:26:06 GMT
X-Content-Type-Options: nosniff
Server: nginx
Age: 0
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Cache-Control: stale-while-revalidate=450, public, max-age=1800
Connection: keep-alive
Content-Type: application/json
Vary: Origin
Content-Length: 5939
X-XSS-Protection: 1; mode=block

GET
H3-29 200 RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js Show response
pagead2.googlesyndication.com/bg/ Frame 4E2E 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/RQzY8ISKOV3RwOMp_k9UROWM_VdhYjEqMNdKCV1xNfI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 18 Jun 2021 19:53:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5759
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 13:18:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jun 2022 19:53:07 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061503&jk=1976912893722289&bg=!6uml6a3NAAZktE7iZLQ7ACkAdvg8WiHhn5qOVUkFiN1Txe15n5CpxmHcXGPfGbnwMF2pJ_-5jcJ1rAIAAAB4UgAAAA1oAQcKAEAn-qoJ_Y1Doev1pGy8-a94AOABGiSKVTA4xkKOeKE7Nv3HZja5C2tURkWruzr3Qbck6kPVSb-6QjpWUfDi7XGMmQKFPsiY0uidJalwzLz-tvB7sYT6cOUb6Rwyy5o3lXajeYQaVK_mO4ot2vGFlAAmU7vs6Oh5oPcVJRzxA64h7J2pQBDkLhM4tLm_CPQLM5NA1m5KeDCL6L496Zw0DXjOWNDtweaYfHjwmqQTLhjwqu8j4vmCMItk9OzGgNe8IncNt86uAf0O58Md1qc_0vpsExMG0NOPGrwHIIi71wTodNymBkgWKeJm7xfKoxIy6XaDZpHEb70D94Z8qC-QofQqXgOx3oFQMz8S_Fv3bJ25wD0GAO1_0qirYsmhlDdneZu02FvionzMS1w4-fO17HRKbeypHmFuqF4LH_uAkPvZh59ncOgPKtFQcdWcxI3lQZgzX3nC6KNip2_THVEjDTa7ipyyhqjEtVjLVvW4iM3Hles0E54-IMT3bLD2uTPbKD4gzRXc2xApZy7WyzPgxaYoTQMe0kV2GuVaaHXpe9Vey8UScLym-BP_dNc9G4GXalo1mLFTUqN9cNJHX12sjg6gX8KsuiuQzAJgsDdS87qeSwlkdUOT4tdewzgpV_3GnqzgnPDcc4zOFPXglvh9I83Dn6anEHJt20KCsyLtqWYttoOjWc0imzc0h01m78xXXqlX-1EhvppxT7iUEs7sfyokEk2sGC2W06Bpv13h7M3PhqC7jJt_tiomnDXtH3yHM-gA1ax0_X7an-V-opdfd_IZULZj60Icn9kUAU1Zy_WSM-oPt0gH05JSQidx5zssJs_PJMcsx0dBY5_cH_XGfQds7zDkRek5JKydkFMhjoKYcQxga74l5yo8mcSjO6Kfp2k0iavW_wVYflMoG5kohz6ca_Aw0khEIVAVzyHcReZGaTrFu5thU1AT

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 00:26:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E136 42 B
64 B 39ms
38ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfFC7OBBygR5CLR9LWmmHl9WGBjDUEAc_Qn3btkBmNnDi6BN7YqhbwIXTVsOnRjYXtOuR5oAMpJ-n72bpH160yFUSPHUn2EzqOskevYAM&sig=Cg0ArKJSzIMfGzB6HpkZEAE&id=lidar2&mcvt=1000&p=831,1022,1081,1322&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1248662450&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624062365469&dlt=0&rpt=203&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 00:26:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A3FD 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6JBNI2HiyInnKahA7nmGkV3uQkMdXhFfQx1rCFfar6GDBs3y2L6Ba_Vpf_4UYZ_b3VzXEaPJVpmLslCl8G1W01d5RfnIME_fQq6ZGacw&sig=Cg0ArKJSzEBJWJPvu2EyEAE&id=lidar2&mcvt=1002&p=68,250,158,978&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20210616&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=519797243&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1624062365472&dlt=0&rpt=194&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Jun 2021 00:26:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 103ms
101ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F91eb500a-1e9d-4a40-ae87-bd84e6714dcc.jpg&key=cTBmOoX1U1PjOK79YeKwxw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 131ms
129ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F9c0e4107-93fa-48a6-aeae-7097e7c6aff2.jpg&key=203r1PDPlEFqA_-enB8QJA&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 104ms
102ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F6aadf489-e1ef-494b-bcad-4c5c3bd7b963.jpg&key=cB7gz8KsvTd4Z-2sRZh7lw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 103ms
101ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F42936de1-8d3f-4952-9904-60cb456627db.jpg&key=jeZU_sXywkQ0bu8VK1G40A&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 101ms
100ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Ff6cf7b74-bba7-4cfd-b6ca-03d59a2713e7.jpg&key=jvS-Jk_wtGTniaddBxjE7g&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 103ms
102ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2Fba4f024d-8a23-409c-86ab-8498969dc5b7.jpg&key=QWnP4oyUYV20NBEZWouoQw&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 164ms
163ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F97f73327-d2a6-41a4-ab7e-5bb3402ab7d3.jpg&key=AeBXvwZwA2HCO7m86Wo-wQ&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 404 get
c.disquscdn.com/ Frame 4700 0
0 103ms
102ms Image
text/html 2600:9000:2104:4000:6:8656:f5c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.disquscdn.com/get?url=https%3A%2F%2Fassets.infosecurity-magazine.com%2Fwebpage%2Fog%2F79f70412-0296-413b-a5cd-6d074a4dbfef.jpg&key=Kx5pKZ1plbdi_F7Pu-ajFA&h=200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:4000:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://disqus.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H2 200 NRJS-70b3f9b2c6f17cc4471 Show response
bam.eu01.nr-data.net/events/1/ 24 B
167 B 35ms
35ms XHR
image/gif 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://bam.eu01.nr-data.net/events/1/NRJS-70b3f9b2c6f17cc4471?a=86807239&v=1209.f04e2b9&to=MhBSZQoZXxFXWxZbWAtacWIoV0UHW0gOU0MABh9GHRpBA1FdTFNEFQ0%3D&rst=14028&ck=1&ref=https://www.infosecurity-magazine.com/news/novel-phishing-attack-abuses/

Requested by

Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1209.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://www.infosecurity-magazine.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 19 Jun 2021 00:26:16 GMT
via: 1.1 varnish
x-timer: S1624062376.369346,VS0,VE3
x-served-by: cache-hhn4041-HHN
strict-transport-security: max-age=300
x-cache: MISS
content-type: image/gif
access-control-allow-origin: https://www.infosecurity-magazine.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 24
x-cache-hits: 0

Verdicts & Comments Add Verdict or Comment

162 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.disqus.com/	1970-01-20 03:53:18	Name: disqus_unique Value: 3nkcr1u2fmsgv5
disqus.com/	1970-01-19 19:07:44	Name: __jid Value: 3nkcqujh710ki
www.infosecurity-magazine.com/	1970-01-20 04:36:30	Name: __atuvc Value: 1%7C24
www.infosecurity-magazine.com/	1970-01-19 19:07:44	Name: __atuvs Value: 60cd399cf49b0da3000
.infosecurity-magazine.com/	1970-01-20 03:53:18	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Jun+19+2021+02%3A26%3A06+GMT%2B0200+(Central+European+Summer+Time)&version=6.17.0&hosts=&consentId=49962771-e661-4357-801f-568772cb20fa&interactionCount=0&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fnovel-phishing-attack-abuses%2F%3Futm_medium%3Demail%26_hsmi%3D134767550%26_hsenc%3Dp2ANqtz-9nAr-JZORbj8uJ00c9DI8oBS8UwuWd7QTJycWI9ohQrPj2CnsIXuJjkvXBYKgTYcX_22fr0TV5iJAjMhoD_9vOxaCNQQ%26utm_content%3D134767550%26utm_source%3Dhs_email&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C6%3A0
.infosecurity-magazine.com/	1970-01-19 21:17:18	Name: _fbp Value: fb.1.1624062365377.1779718046
.infosecurity-magazine.com/	1970-01-20 04:29:18	Name: __gads Value: ID=99cb0dc80768af56-22dd7ea765c800d2:T=1624062365:S=ALNI_Mbo--y_GaofHH8oFyBq7lTAQ6Vpqg
.infosecurity-magazine.com/	1970-01-20 12:38:54	Name: _ga Value: GA1.2.849461824.1624062365
www.infosecurity-magazine.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: z2zufgkzertfes3eeuowxpqy
.infosecurity-magazine.com/	1970-01-19 19:07:42	Name: _gat Value: 1
www.infosecurity-magazine.com/	1970-01-19 19:52:20	Name: ISM.Visitor Value: vid=17d5bf06-e45f-4894-bf1f-d97c512e392b&cs=hs_email&cm=email&cc=134767550
.infosecurity-magazine.com/	1970-01-19 19:09:08	Name: _gid Value: GA1.2.686316192.1624062365
www.infosecurity-magazine.com/news/novel-phishing-attack-abuses	1969-12-31 23:59:59	Name: ISM.ScreenSize Value: 1600

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://go.recordedfuture.com/e2t/tc/VX2zwn97P94PW32T0Zw1SdtL-W8cYYgJ4s-DTJN63y6np3lGn5V1-WJV7CgJbdW96Vqpr5rkMyxN6Fl9x_Q5fglW4yDtFN8n8L3lVS2c9G1-GMZHW3y8dLn2Wj43pW39ydZd6d8WfCW1M0w5-2hg57ZN1z2PS9VcwJ9W7gSNx1687sCdW4HvxF510wj60W8d7yFK8NLbHSW8KxMBq4XSDKmW5RwyBl41LfpFW5TFVfG2cfyfrW2ycYHp7X5Fl_W7Ghmq14PYtPdW3WVLZT2NXwS3W5TwlK95Cl11jW4GvMrn4mYZFDW2d52246J7X4qW87rFVN52MCt8N4wB-hgsCpwBW4VSsQb8vZbWfW75hl3V2lVr2j3dDy1(Line 13) Message: toS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5f31cf3ae3c659c791aba18ac8899cfb.safeframe.googlesyndication.com
a.disquscdn.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
assets.infosecurity-magazine.com
bam.eu01.nr-data.net
c.disquscdn.com
cdn.cookielaw.org
clients1.google.com
connect.facebook.net
cse.google.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
go.recordedfuture.com
infosecuritymagazine.disqus.com
js-agent.newrelic.com
pagead2.googlesyndication.com
referrer.disqus.com
res.infosecurity-magazine.com
s7.addthis.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.infosecurity-magazine.com
z.moatads.com
104.75.88.126
142.250.186.34
151.101.0.134
151.101.112.134
151.101.114.110
151.101.114.137
151.101.114.49
151.101.12.134
163.171.128.148
2.18.235.40
220.242.170.82
2600:9000:2104:4000:6:8656:f5c0:93a1
2606:2c40::c73c:6702
2606:4700:10::6814:b844
2606:4700::6810:9440
2a00:1450:4001:801::2004
2a00:1450:4001:809::2003
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2004
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2002
2a00:1450:400c:c01::9a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
08265c2136c63de0a245f13ff6b7a195addac15def24ccb7a57cdef5c18a4b46
0932077174a2d9a267a1458d40842414ee1f7c8e91b9230a9f32343b39b6587d
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d662e241e97f4716c225b472df672636700ee994b3d5ab93aaa2887a57d690c
0e3c83f1020b79cf34d7f5df0b4afdf8855fd21cdb10f3a80f01156299da34f7
108136cdaaa0dbe0f215a5d6bc112b2b76f4e1a7b71c0463906fb301f481ffe4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1676a8158867ca736ff0a960b9300b8e0e8c016faa2b3211d54d1317213be669
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1dd4c3f1ea5b28ca04d4f2391197c4b57ef93d2d79ca0656bf6c5d588408e325
1e73bd64edcf6b9b779802e3124b7c484db59493c8252fff3c2af5f8a0375434
2025b295509745f39f42f941f1f806395a81e23e146febbff2e85e00df651b93
221dd3238795d2e786c5798f80cbb3998c6d1db7ce6d829725af8f5ab7e55bfd
2753552f7b5fe770e6b5258f3eee1f440f0ba755e6a5528b5799043f0954a0c2
282e4b96bfae36c200a951fd36b719f76aed4ddee31f3ad9a48b2af6c04422d2
2a8aa8a8029664f34fcb68e9419e9f8da62752a01cd34bdd0284d607c204ef41
2b843ca7e3f22f9ecafe3db43a703eadd015b575c0d4fe4d78450d7ed00007f5
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
3270642c89180c12db93775e2a774b6dadd9bd98cffc963075c85afd2c17b6e4
331b2b1241f1f2a53744bdca867c5b76954d9431970e91f490f64c707fc24a16
347488be9026d7e19f7da061d34af37b4b7056ab0ffd2a0d70a6d9dd033b8f13
36318f8bbab390d8e9446d4facd7a81c3951c8ae69066e6fb2b01874ffd5eb3a
36ef66124133ca33c8b44c487293c3180e5ab681ff3cad3c728ea4f894ec3444
388906152967f639b6aa0e48c8cd9b7c536aa9a9484393754cfb6f14b178c8a5
408abc3a5bedff37056ecb1ba4872225de8a269ffe9aa04fd8fd38a7e7ec5116
42a468e720ccf24b6fc35c4af0138acf35ee109270b7a6110e74ff820971d607
450cd8f0848a395dd1c0e329fe4f5444e58cfd576162312a30d74a095d7135f2
47300f73d115d5d1586ff7b01cc7319166b160bdad6e54a54ad02ac9312f6426
4964fa2f6412267ca4fce432d3be7dc187e8895edc91c11fa2802980ea47c00a
4bf58e0daf92aad29f2bc18a95e24aecc695dc71a395785432fc221bb716b1ee
4c1355d27b14881a055e00a4a2afa4608b452c9780ac5c61e1b8f9fd55fa3e1e
4c4491dcfa94cb46fb73742fc2caf49a1cd59027304af1830c7dc6ce1889857c
4ca958cef450a74a99f7c5f676dd7b8267ff7d1c168cd28dc45b5b1d530391f8
4f1cd5683319e039a90798160fcea90ffa82d2a677f5c4b685134a795ebc9e0c
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
526f6ee950b2b777d23694bb65b53bba1baf47ea87dc6c227eeb34a19f68decc
544746b39aec5e583d4a50fe5a4580ae00e40b5bed78af9706fbb1822325e62e
5560db46816cb0fc644087f9027ad2f19747ff66d051f2c94b66128e703227ff
56f8e5b2015a0326a411109736edc0b0db208cb9019e2befdf6c6fdf3ee1bb78
58e8635e959ce8b5383dcbf9dd50fda2f6a0aeef426760854dfdb2548a3b77fb
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
63ebce060749b8de50579045bcad5148ae53a0da56851bd1558e585ddfa5b2f6
65868622f5681b69bdab392fc96d26b6b57e966b4085e260a4d7dab6edc24acd
6729beb6a0bdf0264f0492fa345fe2462b3ca4bd972bcc353289b078383844c0
678b8e1ba87a6638950278e0882372b8a5a19a999382c3cabb1e9e144b595e31
6963499aab5ee1eae71b078d0576ac74a910dfd8090553b83241374224543fc7
6a845ff3ff7a8a8e49e7640cd8c2f215ca8a7a58d2e12cf8b6b81b635816b934
72f2954f62d214e6071faac26ee729343e6e2daee732a017a1fd45cb26ede64b
74192712778ebae4770b6a5b5f6d6b0f914680673d647b791f4ffa979dc2b95a
7964d033f829ae2809f61810c4efa9adf6aff915ded111a9c346bca2b1302b62
7b8c229b280509bd36b9f1be2d30718cba94bafdb38c1e47f2ba22e2776b5ea3
7ee8dc3fdcf311e88a5779e74cee39670aeaf2b95f90856b8eb2fc74e1bc1b25
7ef35ca79023b3de6a36ea2ca000a3cb4e380d17b8af64aa527f121444010d64
7f25fede4db5b93e5c049b991dde0bacd7f8b496343a8b07ac97c6ea5b1f5653
81abd40de061c326e8166eae85b169ca275918685d7fd54ec88ea30a7d1fb0d6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f4889eebc36f4ad79abb20ba84c4e8b0dac9bce1c0dfbe779ac8d5022572bd
91dfa0b3cde79113a212e68b9c95a1f167ce48cf31730a699cbc0151a8001a0b
92507b0329fe69614d5f2648a1277955ca360c9b6cf04c4d02df503097378dab
972c9c1da063aec229e5e8b8dfddf89a946b28b4cab8af4002d8cb12ec1399e0
9a2c0a3b3510b56be29d68362d3e731986fdc810bb57d6ed461185b278ff89e2
9bf5bb2d38aff2e30c602ac7d894968b9f384062ef48348619c0b35d1f6e1cbb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd41f8d13fb73ecbe3fbdbf26eb333083e6077113665734611b4f4d7dedcb6e
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c02a1b659fec9ed91a993cb21644610aad971b900e0c0e2e27aee29e329a70b9
c16c43f22c506659ce46766bdfe4d9ae1fc8c0668bf4486e2ea488a73ef0914b
c284dcb06ef882b1b45e11e0a16baa223b4117eca94e243c8e725c4ce3f909b3
c39eb617c167bdd58f665aef1c4482546eb2892a674846278bafd100c64f4116
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c7b3d263bb705d6aef09e3ba1d148f24530d68aec46b2c5cfc3db30d2b1262f2
c9e9a7336ec8e38cfd53fbdae51d54d3d0ab25eeb3ea1fb944090d1c22df1da3
ca752586777d1f855a56edaaf5a718b562a36a8d6b5b990f6cc7e590009bc3e9
cdba739c28b41f39ce438f2bf204fe739dc81a26cf559a9394ceed56a0666bee
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfed96db853cb6e2053513daf02c9dec0e5c052e268d2b7f47c245c17ba5cdec
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d1c009c83f73450bedc9ef5decc272e84e1acf87fd721112bd6b6fa270e44caa
db606689388acdc641b527e6ea307c11af962f7e14c3c6e9e7fc76fe264a3717
dcec22bbcb68119d6c7d6d5e088fb82183a9826d0c9e3403f1386fd837f06a89
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
e084e78063db8d13c09375cf6f913a180e96d3ce7d662bac5ae9b18cc789945a
e09c5507d6f189744d043d993a3a28a63d12322f3dc978426ef895517b98b567
e21813fee9b8d5f7b0e70d520968492a0b67c5778c341dfe38d07715b0c37b33
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d2fb5e2edecc03632d4232f8956dfc6cea25557cdd082cab892d00f2769bc4
e440a3d8cb47e4ab2204b8ec81fadea4259046608c90ac2e3300d9b2c14737d0
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
e7a1d846904e1a3394f82ca308b8b1adbafd81d7a80eaafaa02d8e1e47ea9cca
e8ddcb8fa387018c468032e6a85a0bef51825db83a91996ec9879fb827073fb5
ee8be77c8812a4aac22fbe837180334f294778a79fc4f3aa4e15dbcba32264fa
eea4ac1d9ce2e035c5810e6b8d764e24b86d236c49a1fe42d098a07a9845525b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1f8d4204b80f61987126d563bbb88a3036f6fd55f8e98da95a8b9e542f9c495
f2a341fc815d45c21da726d4c843c2c5d3e1f333465347c3c75d040d556df4e5

www.infosecurity-magazine.com Open in urlscan Pro 163.171.128.148 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

100 %HTTPS

68 %IPv6

22 Domains

35 Subdomains

34 IPs

4 Countries

2602 kBTransfer

5507 kBSize

13 Cookies

21 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.infosecurity-magazine.com Open in urlscan Pro
163.171.128.148 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

100 %
HTTPS

68 %
IPv6

22
Domains

35
Subdomains

34
IPs

4
Countries

2602 kB
Transfer

5507 kB
Size

13
Cookies

137 HTTP transactions
4 data transactions