www.techspot.com Open in urlscan Pro
2606:4700:10::ac43:1d23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Submission: On October 21 via manual (October 21st 2023, 10:01:52 pm UTC) from HU — Scanned from DE

Summary HTTP 67 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 67 HTTP transactions. The main IP is 2606:4700:10::ac43:1d23, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.techspot.com. The Cisco Umbrella rank of the primary domain is 217627.
TLS certificate: Issued by E1 on September 22nd 2023. Valid for: 3 months.

This is the only time www.techspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	2606:4700:10:... 2606:4700:10::ac43:1d23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2600:9000:264... 2600:9000:2644:d000:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:29aa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:248... 2600:9000:248c:4c00:19:ee95:9600:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
4	2600:9000:243... 2600:9000:243d:a400:15:f55c:78c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2600:9000:243... 2600:9000:243d:800:5:a6be:f9c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:264... 2600:9000:2644:5000:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:1200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.64.168.81 3.64.168.81	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:217... 2600:9000:2171:3600:18:1fcd:353:c61	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:224... 2600:9000:224a:4c00:12:b587:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.249.165.10 34.249.165.10	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:225e:fa00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	52.212.52.84 52.212.52.84	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	3.221.111.246 3.221.111.246	14618 (AMAZON-AES) (AMAZON-AES)
6	2a04:4e42:200... 2a04:4e42:200::626	54113 (FASTLY) (FASTLY)
1	152.199.22.243 152.199.22.243	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	18.154.63.53 18.154.63.53	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:243... 2600:9000:243d:ba00:14:ad08:9b00:21	16509 (AMAZON-02) (AMAZON-02)
67	32

17 2606:4700:10::ac43:1d23 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.techspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.techspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2644:d000:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:29aa (United States)

ASN13335 (CLOUDFLARENET, US)

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:248c:4c00:19:ee95:9600:93a1 (United States)

ASN16509 (AMAZON-02, US)

freyr.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:243d:a400:15:f55c:78c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

widgets.jobbio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

champagne.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:800:5:a6be:f9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

bordeaux.futurecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2644:5000:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:1200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.64.168.81 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-168-81.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2171:3600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:4c00:12:b587:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads.servebom.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.165.10 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-165-10.eu-west-1.compute.amazonaws.com

sommelier.futurehybrid.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:fa00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.212.52.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-52-84.eu-west-1.compute.amazonaws.com

widget-api.jobbio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.221.111.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-221-111-246.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a04:4e42:200::626 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.243 (United States)

ASN15133 (EDGECAST, US)

entitlements.jwplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.154.63.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-53.dus51.r.cloudfront.net

d2q79iu7y748jz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:ba00:14:ad08:9b00:21 (United States)

ASN16509 (AMAZON-02, US)

d1avm1cbyhi830.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	techspot.com 1 redirects www.techspot.com — Cisco Umbrella Rank: 217627 static.techspot.com	267 KB
7	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 3294 test.cmp.quantcast.com — Cisco Umbrella Rank: 11071 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12881	194 KB
6	jwpcdn.com ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2961	392 KB
6	jobbio.com widgets.jobbio.com — Cisco Umbrella Rank: 75511 widget-api.jobbio.com — Cisco Umbrella Rank: 82080	19 KB
4	cloudfront.net d2q79iu7y748jz.cloudfront.net d1avm1cbyhi830.cloudfront.net	20 KB
3	jwplayer.com cdn.jwplayer.com — Cisco Umbrella Rank: 2920 entitlements.jwplayer.com — Cisco Umbrella Rank: 3916	53 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 imasdk.googleapis.com — Cisco Umbrella Rank: 498	127 KB
3	futurecdn.net freyr.futurecdn.net — Cisco Umbrella Rank: 21294 champagne.futurecdn.net — Cisco Umbrella Rank: 22200 bordeaux.futurecdn.net — Cisco Umbrella Rank: 19902	139 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	403 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	21 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	139 KB
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1445	201 B
1	google.de www.google.de — Cisco Umbrella Rank: 6147	408 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714	255 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
1	futurehybrid.tech sommelier.futurehybrid.tech — Cisco Umbrella Rank: 21273	2 KB
1	servebom.com ads.servebom.com — Cisco Umbrella Rank: 21768	498 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1738	15 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1263	643 B
1	gstatic.com fonts.gstatic.com	51 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1348	9 KB
1	permutive.app 6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app — Cisco Umbrella Rank: 21985	353 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
67	23

	Domain	Requested by
16	www.techspot.com	www.techspot.com static.cloudflareinsights.com
6	ssl.p.jwpcdn.com	cdn.jwplayer.com
5	cmp.quantcast.com	www.techspot.com cmp.quantcast.com
4	widgets.jobbio.com	www.techspot.com widgets.jobbio.com
3	d2q79iu7y748jz.cloudfront.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	widget-api.jobbio.com	widgets.jobbio.com
2	cdn.jwplayer.com	champagne.futurecdn.net cdn.jwplayer.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagmanager.com	www.techspot.com www.googletagmanager.com
2	fonts.googleapis.com	www.techspot.com widgets.jobbio.com
1	d1avm1cbyhi830.cloudfront.net
1	imasdk.googleapis.com	cdn.jwplayer.com
1	entitlements.jwplayer.com	cdn.jwplayer.com
1	ping.chartbeat.net
1	www.google.de
1	region1.analytics.google.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.techspot.com
1	sommelier.futurehybrid.tech	bordeaux.futurecdn.net
1	ads.servebom.com	bordeaux.futurecdn.net
1	static.chartbeat.com	www.techspot.com
1	static.techspot.com	1 redirects
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	cmp.quantcast.com
1	fonts.gstatic.com	fonts.googleapis.com
1	secure.quantserve.com	cmp.quantcast.com
1	bordeaux.futurecdn.net	www.techspot.com
1	champagne.futurecdn.net	www.techspot.com
1	freyr.futurecdn.net	www.techspot.com
1	6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app	www.techspot.com
1	static.cloudflareinsights.com	www.techspot.com
67	32

This site contains links to these domains. Also see Links.

Domain
jobs.techspot.com
arstechnica.com
www.malwarebytes.com
keepass.info
www.reddit.com
amply.co
www.indeed.com
www.facebook.com
www.twitter.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
techspot.com E1	`2023-09-22` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
cmp.quantcast.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.futurecdn.net Amazon RSA 2048 M02	`2023-09-08` - `2024-10-06`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
widgets.jobbio.com Amazon RSA 2048 M01	`2023-08-13` - `2024-09-10`	a year	crt.sh
champagne.futurecdn.net R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.chartbeat.com Thawte TLS RSA CA G1	`2023-05-16` - `2024-06-06`	a year	crt.sh
*.servebom.com Amazon RSA 2048 M02	`2023-10-19` - `2024-11-15`	a year	crt.sh
sommelier.futurehybrid.tech R3	`2023-09-30` - `2023-12-29`	3 months	crt.sh
jwplayer.com Amazon RSA 2048 M02	`2023-03-01` - `2023-12-25`	10 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
widget-api.jobbio.com R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-08-30` - `2024-09-30`	a year	crt.sh
entitlements.jwplayer.com GeoTrust TLS RSA CA G1	`2023-04-11` - `2024-05-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Frame ID: 3FBCB23C6BA4A4E2CF4EE64AFB304ECB
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A clever Google-hosted, malicious ad fakes the KeePass website | TechSpotUser loginSearchTechSpot logo

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

67
Requests

97 %
HTTPS

77 %
IPv6

23
Domains

32
Subdomains

32
IPs

4
Countries

1809 kB
Transfer

6236 kB
Size

11
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://jobs.techspot.com/?source=header
Title: Jobs

Search URL Search Domain Scan URL

URL: https://arstechnica.com/information-technology/2017/04/chrome-firefox-and-opera-users-beware-this-isnt-the-apple-com-you-want/
Title: resembled apple.com

Search URL Search Domain Scan URL

URL: https://www.malwarebytes.com/blog/threat-intelligence/2023/10/clever-malvertising-attack-uses-punycode-to-look-like-legitimate-website
Title: Malwarebytes Labs

Search URL Search Domain Scan URL

URL: https://keepass.info/
Title: KeePass

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&title=A%20clever%20Google-hosted,%20malicious%20ad%20fakes%20the%20KeePass%20website

Search URL Search Domain Scan URL

URL: https://amply.co/
Title: BY Amply

Search URL Search Domain Scan URL

URL: https://www.indeed.com/tmn/ccs/11160cd955bae975/bad36634e47adc0dc11e0f8cf4b3e0fb774466df51d8a020c7ce641c35a14653/1150986313069762
Title: The MITRE Corporation AI Expert - Large Language Models (LLM) and Generative AI McLean See Job

Search URL Search Domain Scan URL

URL: https://www.indeed.com/tmn/ccs/ad76155abdec7a34/1a51188eb097286900e5b6c4bdf7958a49a19bcf8b9b59587557b1751e26b2b9/1150986313069762
Title: Sound Transit Systems Engineer-IT Seattle See Job

Search URL Search Domain Scan URL

URL: https://www.indeed.com/tmn/ccs/d31b1cdd047c9b84/eed02f8498d6b295e7fd364d934da03a9e89b6fef9ae89d7ce71dfa3fb1f2a36/1150986313069762
Title: G-Research Head of Software Engineering Services (SES) Dallas See Job

Search URL Search Domain Scan URL

URL: https://www.indeed.com/tmn/ccs/b096a3a6c29fb252/a7a2f10eaa080cac99fa54ae5a9a2570742af6b0a25c028adb7a0868d5738d34/1150986313069762
Title: Capgemini Software Engineer - iOS Engineer San Francisco See Job

Search URL Search Domain Scan URL

URL: https://jobs.techspot.com/search/jobs?source=jobs_widget
Title: Search More Roles

Search URL Search Domain Scan URL

URL: https://jobs.techspot.com/?source=footer
Title: Tech Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/techspot

Search URL Search Domain Scan URL

URL: https://www.twitter.com/techspot

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thisistechspot/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/techspot

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27

https://static.techspot.com/images/promos/techspot-logo-blue-trans-comp.png HTTP 301
https://www.techspot.com/images/promos/techspot-logo-blue-trans-comp.png

67 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 100555-malvertising-attack-uses-punycode-character-spread-malware-through.html Show response
www.techspot.com/news/ 123 KB
30 KB 1025ms
960ms Document
text/html 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3baa228ad347ad801e2b86b901b4f25a5fe00752a58d0f46fe3fa4f5f5a9bd4f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7264
alt-svc: h3=":443"; ma=86400
cache-control: public, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 819cc7ec7b2cbbf8-FRA
content-encoding: br
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sat, 21 Oct 2023 22:01:46 GMT
referrer-policy: no-referrer-when-downgrade
remote-ip: 2001:1b60:1010:2:1012:8bd8:e4e9:d2f3, 172.70.246.187, 127.0.0.1
server: cloudflare
strict-transport-security: max-age=63072000
vary: Accept-Encoding
via: 1.1 varnish
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 2023-10-19-image-6-p_1100.webp
www.techspot.com/images2/news/bigimage/2023/10/ 6 KB
6 KB 714ms
713ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/bigimage/2023/10/2023-10-19-image-6-p_1100.webp

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c27338817399eb96e0d553bc509b43cbd62b3e07c656d41d8b50f2544ca149f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: EXPIRED
content-security-policy: upgrade-insecure-requests
remote-ip: 2001:1b60:1010:2:1012:8bd8:e4e9:d2f3, 172.70.246.69, 127.0.0.1
content-length: 5888
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Oct 2023 17:56:26 GMT
server: cloudflare
etag: "65316dca-1700"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f28a32bbf8-FRA

GET
DATA 200
OK truncated
/ 65 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70ce0ccccb5a5920b8f1a9b9f27d002e6a34947d288e8c1c27680ddf4c56b334

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rocket-loader.min.js Show response
www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 24ms
23ms Script
application/javascript 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2023 11:32:23 GMT
server: cloudflare
etag: W/"652d1f47-302c"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 819cc7f2aa48bbf8-FRA
expires: Mon, 23 Oct 2023 22:01:46 GMT

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 107ms
58ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Origin: https://www.techspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 819cc7f2e97839da-FRA

GET
H2 200 forum-icon.svg
www.techspot.com/images/ 408 B
479 B 35ms
35ms Image
image/svg+xml 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images/forum-icon.svg

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a19d28fce39f992a9b883a20a62a5906b53cc913941f57b9d3f69a28510c2ba4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
age: 5901150
remote-ip: 89.219.237.216, 172.70.246.175, 127.0.0.1
content-length: 283
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jan 2020 21:57:22 GMT
server: cloudflare
etag: W/"5e2f5cc2-198"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7776000, public, no-transform
accept-ranges: bytes
cf-ray: 819cc7f2aa4fbbf8-FRA

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/a8QgkiX-vjktg/www.techspot.com/ 5 KB
2 KB 81ms
23ms Script
application/javascript 2600:9000:2644:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/a8QgkiX-vjktg/www.techspot.com/choice.js?tag_version=V2
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ca31300f3b409ce6976a80887cdc3af11a17968842825f0f06c1368f8dc6495

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:20 GMT
content-encoding: br
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
last-modified: Thu, 10 Aug 2023 22:58:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P6
age: 29
x-amz-server-side-encryption: AES256
etag: W/"63536a48fcdc6d09409ad4d5cf6f7a7a"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: Z0dHXk1Ut7sfr03BnF4bHm0njQkT9BcvVPDGBjFL1k69Jw5sWlMTww==

GET
H2 200 6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js Show response
6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/ 1 MB
353 KB 112ms
46ms Script
application/javascript 2606:4700:4400::6812:29aa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app/6093eccf-6734-4877-ac8b-83d6d0e27b46-web.js
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:29aa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b2476cab823471b9c40fa67d39a2ea001f65bfd7cd141ced9eda01b10b7ca98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 6093eccf-6734-4877-ac8b-83d6d0e27b46
age: 0
x-guploader-uploadid: ADPycduwhiw2NqGqEuOE5x9qRYglVixx0RemVnNvBe_G6lcNqwyZgf8VVX6842q-r1H61JPNgMFRXhK_YGNGwS5zgPvLCw
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Fri, 20 Oct 2023 10:35:27 GMT
server: cloudflare
etag: W/"e7662fccac124e348ce139308fae28b8"
vary: Accept-Encoding
x-goog-generation: 1697798127512024
content-type: application/javascript
x-goog-hash: crc32c=5FiYMQ==, md5=52YvzKwSTjSM4Tkwj64ouA==
cache-control: public, max-age=900
x-goog-stored-content-length: 375719
timing-allow-origin: *
cf-ray: 819cc7f34c671c38-FRA
expires: Sat, 21 Oct 2023 22:16:46 GMT

GET
H2 200 freyr.js Show response
freyr.futurecdn.net/ 82 KB
21 KB 141ms
36ms Script
application/javascript 2600:9000:248c:4c00:19:ee95:9600:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://freyr.futurecdn.net/freyr.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:248c:4c00:19:ee95:9600:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

553be0a5b4657350212a9c36d235cc92d4b0dc01cfb0867d83c2aecfeb6486d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
via: 1.1 27674c645904e04ed5860bd3bff6d214.cloudfront.net (CloudFront)
date: Sat, 21 Oct 2023 21:58:30 GMT
last-modified: Mon, 16 Oct 2023 11:36:10 GMT
x-amz-cf-pop: MXP64-P1
age: 198
etag: W/"652d202a-1498e"
vary: Accept-Encoding
freyr-version: 6.4.2
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-id: W6kX6UC-4pD59NXDnoyMAGIRwIHrU_ryOHGqOck1k1119Ud4uvE-VA==

GET
H3 200 stylesFooterComm.css
www.techspot.com/css/ 14 KB
3 KB 38ms
38ms Stylesheet
text/css 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/css/stylesFooterComm.css?v=10.18.2023.1

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25be69adabd71c125160258e85e02c549f430d52041a2c276db41e04eecdf9de

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
age: 242185
remote-ip: 168.119.65.49, 172.69.150.241, 127.0.0.1
content-length: 3174
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 04 Oct 2023 00:48:39 GMT
server: cloudflare
etag: W/"651cb667-36f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=7776000, public, no-transform
accept-ranges: bytes
cf-ray: 819cc7f2e9485d88-FRA

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 86ms
32ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b0bacc432439cf9d8c65a2439277ba2a090c1d1da5686d7126be279854e56f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 21:53:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 22:01:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 132 KB
51 KB 89ms
37ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-108935-1

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f74dd05407bb52878522f442af01257f96ddb52dbdbfa92327ca58c742b9787

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 51589
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Oct 2023 22:01:46 GMT

GET
H2 200 display.min.js Show response
widgets.jobbio.com/partner_fluid_widgets_v1.6.1/ 37 KB
5 KB 125ms
24ms Script
application/javascript 2600:9000:243d:a400:15:f55c:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:a400:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f720d4434341a72ecaba1614be552b3d629bedc9da07aabf9660c6dff96cdce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 07:55:06 GMT
content-encoding: br
via: 1.1 47c4e8338b148239463956ff49af0736.cloudfront.net (CloudFront)
last-modified: Tue, 01 Aug 2023 15:12:46 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 50801
x-amz-server-side-encryption: AES256
etag: W/"66279fc9d8b131b3885b39dab4b9dfdb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: MKaBxxFOdAe83v5PseTDzC1eEumYFfiAEqb9DuX-9v1gt1Epwr20NQ==

GET
H3 200 story.min.js Show response
www.techspot.com/css/js/techspot-js.min/ 37 KB
11 KB 56ms
56ms Script
application/javascript 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/css/js/techspot-js.min/story.min.js?v=10.06.2023.1

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436fe3d64434d3101b2bbced702e7a35526766147083da03f936097246a192bc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
age: 1270946
remote-ip: 168.119.68.176, 172.69.150.180, 127.0.0.1
content-length: 11209
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 07 Oct 2023 04:54:41 GMT
server: cloudflare
etag: W/"6520e491-9269"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=7776000, public, no-transform
accept-ranges: bytes
cf-ray: 819cc7f2e94f5d88-FRA

GET
H3 200 jquery-3.6.3.min.js Show response
www.techspot.com/css/js/jquery/ 88 KB
31 KB 38ms
37ms Script
application/javascript 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/css/js/jquery/jquery-3.6.3.min.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
age: 5901245
remote-ip: 168.119.68.251, 172.69.150.108, 127.0.0.1
content-length: 31121
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 28 Jan 2023 06:22:08 GMT
server: cloudflare
etag: "63d4bf10-15f5b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=7776000, public, no-transform
accept-ranges: bytes
cf-ray: 819cc7f2e9505d88-FRA

GET
H/1.1 200
OK champagne.js Show response
champagne.futurecdn.net/ 45 KB
16 KB 85ms
25ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL

https://champagne.futurecdn.net/champagne.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),

Reverse DNS

map3.hwcdn.net

Software

Resource Hash

c852c1d25f1a5d590d42dd3234b26e757c7590727588da641eed9d8fc7f7d0f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 22:01:46 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15724800; includeSubDomains
Last-Modified: Thu, 14 Sep 2023 13:27:33 GMT
champagne-version: latest
ETag: W/"65030a45-b446"
X-HW: 1697925706.cds225.fr8.hn,1697925706.cds157.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15482

GET
H2 200 bordeaux.js Show response
bordeaux.futurecdn.net/ 346 KB
103 KB 123ms
28ms Script
application/javascript 2600:9000:243d:800:5:a6be:f9c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bordeaux.futurecdn.net/bordeaux.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:243d:800:5:a6be:f9c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

daf6ccd16572d87b06e042f7f6354ee54510b0ff427a7b226b8432cb3511a527

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
bordeaux-version: latest
content-encoding: gzip
date: Sat, 21 Oct 2023 21:51:10 GMT
last-modified: Wed, 18 Oct 2023 10:56:17 GMT
via: 1.1 c37b7e69b10b90188d923a2d02d4e71a.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
etag: W/"652fb9d1-566b4"
age: 639
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: 49A0JDzim9ZGK-0HpQnJ6BQvz1rHFsB3ZwCbTiVkhtLrqAUUdn1_mQ==

GET
H3 200 icon-comments-lg.svg
www.techspot.com/images/ 407 B
635 B 40ms
39ms Image
image/svg+xml 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images/icon-comments-lg.svg

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/css/stylesFooterComm.css?v=10.18.2023.1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

190a8191dc3cafd761ff10a353d5f4d87f8241bb475305cb366cc0b5e7e16cfe

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/css/stylesFooterComm.css?v=10.18.2023.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=63072000
cf-cache-status: HIT
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
age: 1311346
remote-ip: 89.163.242.132, 172.69.151.167, 127.0.0.1
content-length: 286
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Jan 2020 22:05:45 GMT
server: cloudflare
etag: W/"5e2f5eb9-197"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=7776000, public, no-transform
accept-ranges: bytes
cf-ray: 819cc7f3298e5d88-FRA

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 99ms
40ms Script
application/javascript 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/a8QgkiX-vjktg/www.techspot.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:46 GMT
content-encoding: gzip
etag: "0nVqEbFaTM2zzuiWgn9NwQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sat, 28 Oct 2023 22:01:46 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 160 KB
42 KB 24ms
24ms Script
text/javascript 2600:9000:2644:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.techspot.com
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/a8QgkiX-vjktg/www.techspot.com/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:14:54 GMT
content-encoding: br
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 2813
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Thu, 28 Sep 2023 19:02:48 GMT
server: AmazonS3
etag: W/"fc4e55a5d8f4ef863759040ad9a735b2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: jY8CGGznFQ7Lj0ksL2tifirwpZPXU8y2Isoimyo0eUTtCJArsd2fpQ==

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v27/ 50 KB
51 KB 77ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v27/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.techspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 18 Oct 2023 18:06:11 GMT
x-content-type-options: nosniff
age: 273335
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51404
x-xss-protection: 0
last-modified: Wed, 18 Oct 2023 17:52:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Oct 2024 18:06:11 GMT

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 11 KB
3 KB 98ms
21ms XHR
application/json 2600:9000:2644:5000:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.techspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:5000:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:00:42 GMT
x-amz-version-id: RmBAvo2GdAadPfN30SZARmFQmvGShfQI
content-encoding: br
via: 1.1 d4b0acc43b96f7849332ef0fcc29ac32.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 68464
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 11 Oct 2023 19:52:29 GMT
server: AmazonS3
etag: W/"aa4d81007eaebf13941b812e0f4690d2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: GyrvY_zPstUgMgPUokxZkIixMUQ6qYdGS6OiD6X9vs_tjPoAmHDQpw==

GET
H2 200 rules-p-a8QgkiX-vjktg.js Show response
rules.quantcount.com/ 160 B
643 B 90ms
25ms Script
application/javascript 2600:9000:224a:1200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-a8QgkiX-vjktg.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37d14d6c20c6a27232f36167ac79f675c3e56dceb632e89669a77339aa4ddaa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:24:43 GMT
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 2430
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 22:34:26 GMT
server: AmazonS3
etag: "955d142ce210e8e789e0dec58db2874d"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: cMDHgjTN9QTUzDpdC19DixJoVgVBJNupL7dS5BvQlJNxCFWpaSVURg==

GET
BLOB 200
OK 95e54991-df8f-4274-b5bf-c0be66bc743d
https://www.techspot.com/ 603 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.techspot.com/95e54991-df8f-4274-b5bf-c0be66bc743d
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f761243a6058caea2177695e5807de4c70143b6631f91a111135b2ddcba0742

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 617162
Content-Type

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/48/ 280 KB
69 KB 23ms
23ms Script
text/javascript 2600:9000:2644:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.techspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 05:59:31 GMT
content-encoding: br
via: 1.1 13ad77f5993668d67b8168f460ba6368.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 144136
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Thu, 28 Sep 2023 19:02:13 GMT
server: AmazonS3
etag: W/"536ccb89e71d91899cbb40217285c9c4"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: 6kWYeqhazRhNGASIkz2tEaZfel5JArNYntPKnHnvUN1-6ShtHkEvcw==

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 358 KB
43 KB 71ms
26ms XHR
application/json 2600:9000:2644:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.techspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 852d8795faedfac3e0adf9f61394013eddb06bf973561c0ced55f73b49fb54b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:00:40 GMT
content-encoding: br
via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 68468
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 21 Oct 2023 03:00:36 GMT
server: AmazonS3
etag: W/"b54025cfecffde04008d6ddb492b9bf4"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: 9e-ROzggT2mgbu4Pz_NxFrGU4GMhjBm1tUzny4u3ENpAppJMdqD7eQ==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 141 KB
34 KB 94ms
49ms XHR
application/json 2600:9000:2644:d000:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.techspot.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2644:d000:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:00:28 GMT
content-encoding: gzip
via: 1.1 1ed131e2ff13a9b8852067b4dfb6f2dc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P6
age: 68480
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Sat, 21 Oct 2023 03:00:26 GMT
server: AmazonS3
etag: W/"1e4d3cb991895e0ec4cdfbc78091c44d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Mona4EyvH5THRF4J1W5oxWkAKZj3Ad0ZqY6-rDi1_-owxCifuo8ygQ==

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 93ms
24ms XHR
text/plain 3.64.168.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22a8QgkiX-vjktg%22%2C%22domain%22%3A%22www.techspot.com%22%2C%22publisher%22%3A%22TechSpot%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.48%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22R1UYOBhLpxs0d1WhOCOqKw%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1697925707008%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-gv996l9cjg973tibtfm5%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/48/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.64.168.81 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-64-168-81.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 22:01:47 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H3

200

techspot-logo-blue-trans-comp.png
www.techspot.com/images/promos/
Redirect Chain

https://static.techspot.com/images/promos/techspot-logo-blue-trans-comp.png
https://www.techspot.com/images/promos/techspot-logo-blue-trans-comp.png

6 KB
6 KB

36ms
36ms

Image
image/png

2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images/promos/techspot-logo-blue-trans-comp.png

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Protocol

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c730b1c98817a669fb10c327e149b55347e307d50fe9266449c124ac034e9f34

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 6588
remote-ip: 2a02:908:614:6120:6cb1:d886:be7:96c6, 172.69.151.178, 127.0.0.1
content-length: 5854
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 20 Nov 2020 00:44:52 GMT
server: cloudflare
etag: "5fb71184-16de"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
accept-ranges: bytes
cf-ray: 819cc7f54b575d88-FRA

Redirect headers

date: Sat, 21 Oct 2023 22:01:47 GMT
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
age: 58
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html
location: https://www.techspot.com/images/promos/techspot-logo-blue-trans-comp.png
cf-ray: 819cc7f50c93bbf8-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 134ms
36ms Script
application/x-javascript 2600:9000:2171:3600:18:1fcd:353:c61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.techspot.com
URL: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2171:3600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 08:39:40 GMT
content-encoding: gzip
via: 1.1 e9e1ae0211eb8060a9bf55183ccf8788.cloudfront.net (CloudFront)
last-modified: Wed, 09 Aug 2023 00:45:38 GMT
server: nginx
x-amz-cf-pop: CDG53-C1
age: 48127
etag: W/"64d2e1b2-94a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-amz-cf-id: yOI7ZVUgd7pVT5X3tABHR8osLWQpVwMlA1kwe4Wxd6FbevBKsxzRlw==
expires: Sun, 22 Oct 2023 08:39:40 GMT

GET
H2 200 hybrid_id Show response
ads.servebom.com/ 43 B
498 B 171ms
92ms Fetch
application/json 2600:9000:224a:4c00:12:b587:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servebom.com/hybrid_id
Requested by: Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:4c00:12:b587:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c1caf0968766a80d732fdc70af86fc1d82f4408a420bdbbf165e54fe458497cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 c31ad517510d586c0f2aa3c5dbc40b06.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.techspot.com
access-control-allow-credentials: true
content-length: 69
x-amz-cf-id: vcwZJJjhA37VUuPqTK5FWEQu17DCO5zuTmOjyegAZYzARHS2WupgSA==

GET
H2 200 / Show response
sommelier.futurehybrid.tech/config/ 8 KB
2 KB 235ms
51ms Fetch
application/json 34.249.165.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sommelier.futurehybrid.tech/config/?r=627&tpl=news&l=https%3A%2F%2Fwww.techspot.com%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&sw=1600

Requested by

Host: bordeaux.futurecdn.net
URL: https://bordeaux.futurecdn.net/bordeaux.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

34.249.165.10 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-165-10.eu-west-1.compute.amazonaws.com

Software

Resource Hash

0685fafcd790f79cc4953449c139c981050a64102ad47f45b809c41066bc4e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 21 Oct 2023 22:01:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: br
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 259 KB
88 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6CYPWEH2JE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108935-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f1e0184af142423fd6940c2931334caf35f26a55a8b2a5eb44c07b297d11b814

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90099
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 21 Oct 2023 22:01:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-108935-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 21 Oct 2023 21:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 614
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 21 Oct 2023 23:51:33 GMT

GET
H2 200 YqaVdd6L.js Show response
cdn.jwplayer.com/libraries/ 121 KB
44 KB 99ms
33ms Script
text/javascript 2600:9000:225e:fa00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Requested by: Host: champagne.futurecdn.net
URL: https://champagne.futurecdn.net/champagne.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:fa00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: dfa8b11e458ee0dba409f2eab41db2eaa20700a0a0951680445f6abd9c18da6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:59:04 GMT
content-encoding: gzip
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 163
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180
x-robots-tag: noindex, indexifembedded
content-length: 45075
x-amz-cf-id: DD319-a9QFuQwQMdgIkvqaMX2-_RGPh20a84SdN3QXy_h_yQWAdwoA==

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 100ms
49ms Fetch
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/css/js/techspot-js.min/story.min.js?v=10.06.2023.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51114
x-xss-protection: 0
server: cafe
etag: 7757400486972543171
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 21 Oct 2023 22:01:47 GMT

GET
H3 200 / Show response
www.techspot.com/news/add-view/100555/ 1 B
316 B 275ms
274ms XHR
text/html 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/news/add-view/100555/

Requested by

Host: www.techspot.com
URL: https://www.techspot.com/css/js/jquery/jquery-3.6.3.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: DYNAMIC
content-security-policy: upgrade-insecure-requests
age: 0
content-encoding: br
remote-ip: 2001:1b60:1010:2:1012:8bd8:e4e9:d2f3, 172.69.151.137, 127.0.0.1
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: private, no-cache, max-age=0
cf-ray: 819cc7f79d465d88-FRA

GET
H2 200 v1_6_1.css
widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/css/ 22 KB
7 KB 25ms
23ms Stylesheet
text/css 2600:9000:243d:a400:15:f55c:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/css/v1_6_1.css
Requested by: Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:a400:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52fe780d03e98dcb4524e857426d1f7d10559ae6454cc38e551a8e307e93eaff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 07:55:07 GMT
content-encoding: gzip
via: 1.1 47c4e8338b148239463956ff49af0736.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 13:36:16 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 50801
x-amz-server-side-encryption: AES256
etag: W/"643d296f71aecc58315f029ce08a1907"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 0qow2Fd4wvTVS1b1lQ0lvxqMMdOJLnyxRKc9y70-rSUloMn3Ovl7_w==

GET
H2 200 css2
fonts.googleapis.com/ 14 KB
945 B 32ms
31ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;500;600;700&display=swap

Requested by

Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2177ae3e829faf96e725d696a6bcb2e3ec1ec261796b60a46ea25b857d2ac469

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 21 Oct 2023 20:46:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 21 Oct 2023 22:01:47 GMT

GET
H2 200 imp.min.js Show response
widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/ 975 B
1 KB 25ms
24ms Script
application/javascript 2600:9000:243d:a400:15:f55c:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/imp.min.js
Requested by: Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:a400:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 199f663b1a66c7a8e537f5dea8d81130275d196fd6a49bcf113bb24890bc7fdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 08:53:37 GMT
via: 1.1 47c4e8338b148239463956ff49af0736.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 13:36:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 47292
x-amz-server-side-encryption: AES256
etag: "d6fbf90b6327a8b219debe00d553ed30"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 975
x-amz-cf-id: 2l9uz7ZAQN2UXyHZyrEu8nDEbGWGV7SO_TYgYv1aI2de1jCGRYt1Ow==

GET
H2 200 ind-imp.min.js Show response
widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/ 1000 B
893 B 26ms
25ms Script
application/javascript 2600:9000:243d:a400:15:f55c:78c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/assets/js/ind-imp.min.js
Requested by: Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:a400:15:f55c:78c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e5d4f2c71d4d92ebca415fbdf96e7a98795534cf09a8d47e4ea6e2306034349d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 05:28:51 GMT
content-encoding: gzip
via: 1.1 47c4e8338b148239463956ff49af0736.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 13:36:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 59576
x-amz-server-side-encryption: AES256
etag: W/"0ebf28c600267ede04c956ac7397d0eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: AyCUqQMElXMEIPB5y4Z5jDkbv4bL_CGznrJnjP3HvocbbybizCj1ZA==

GET
H/1.1 200
OK techspot-jobs Show response
widget-api.jobbio.com/channels/ 871 B
1 KB 183ms
50ms Fetch
application/json 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-api.jobbio.com/channels/techspot-jobs?widgets=true

Requested by

Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-52-84.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

3e676f1e49b0086215537ae4333046e1a7b64af5cd33c72e6fb4732bfe6432c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 22:01:47 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Vary: Accept, Origin, Cookie
Content-Type: application/json
Allow: GET, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 871

POST
H3 204 rum Show response
www.techspot.com/cdn-cgi/ 0
142 B 26ms
26ms XHR
text/plain 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.techspot.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: application/json

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://www.techspot.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 819cc7f7ad4f5d88-FRA

GET
H3 200 2023-10-19-image-17-j_1100.webp
www.techspot.com/images2/news/bigimage/2023/10/ 48 KB
48 KB 1197ms
1196ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/bigimage/2023/10/2023-10-19-image-17-j_1100.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52993501ff9dcfa9cca6ab933e4c5a736324790e71c0b877ae0a5b41cb35911c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:48 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: EXPIRED
content-security-policy: upgrade-insecure-requests
remote-ip: 2001:1b60:1010:2:1012:8bd8:e4e9:d2f3, 172.69.150.216, 127.0.0.1
content-length: 48696
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 19 Oct 2023 17:56:27 GMT
server: cloudflare
etag: "65316dcb-be38"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f7ad525d88-FRA

GET
H3 200 2020-08-24-ts3_thumbs-fe7-small.jpg
www.techspot.com/images2/news/ts3_thumbs/2020/08/ 37 KB
37 KB 61ms
59ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/ts3_thumbs/2020/08/2020-08-24-ts3_thumbs-fe7-small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02981cd2c7b6e2d3834414bb95ac04eda2d30afaf9930ac69a6eef361fbd4bbc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 1359
remote-ip: 2a02:8071:8286:aec0::3905, 172.69.150.112, 127.0.0.1
content-length: 38034
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Aug 2020 07:18:03 GMT
server: cloudflare
etag: "5f4369ab-9492"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f7ad565d88-FRA

GET
H3 200 2023-06-13-ts3_thumbs-47b-small.jpg
www.techspot.com/images2/news/ts3_thumbs/2023/06/ 47 KB
47 KB 40ms
38ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/ts3_thumbs/2023/06/2023-06-13-ts3_thumbs-47b-small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a0f5c00502b95af3e868f959674203a58f611d35a124d4b5ffeca01d4b2dbb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 4566
remote-ip: 95.176.166.117, 172.69.150.66, 127.0.0.1
content-length: 47620
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 13 Jun 2023 06:40:19 GMT
server: cloudflare
etag: "64880f53-ba04"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f7ad575d88-FRA

GET
H3 200 2023-10-17-ts3_thumbs-eb4-small.jpg
www.techspot.com/images2/news/ts3_thumbs/2023/10/ 32 KB
32 KB 62ms
61ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/ts3_thumbs/2023/10/2023-10-17-ts3_thumbs-eb4-small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

caa41662f2f91c509d46f41da34021abf8451ddf34f057f58cb391572ae5ccaf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 1790
remote-ip: 178.201.119.97, 172.69.151.60, 127.0.0.1
content-length: 32810
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 17 Oct 2023 12:58:54 GMT
server: cloudflare
etag: "652e850e-802a"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f7ad585d88-FRA

GET
H3 200 2022-07-08-ts3_thumbs-f17-small.jpg
www.techspot.com/images2/news/ts3_thumbs/2022/07/ 10 KB
10 KB 82ms
81ms Image
image/webp 2606:4700:10::ac43:1d23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.techspot.com/images2/news/ts3_thumbs/2022/07/2022-07-08-ts3_thumbs-f17-small.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:1d23 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abeffa681b668d7cc6e70f378f47878836f26c2aff41cb3a03df156cf8930685

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=63072000
cf-cache-status: HIT
content-security-policy: upgrade-insecure-requests
age: 6186
remote-ip: 169.150.197.118, 172.69.150.250, 127.0.0.1
content-length: 9780
x-xss-protection: 1; mode=block
alt-svc: h3=":443"; ma=86400
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 08 Jul 2022 15:10:19 GMT
server: cloudflare
etag: "62c848db-2634"
vary: Accept, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/webp
accept-ranges: bytes
cf-ray: 819cc7f7ad595d88-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
255 B 85ms
31ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6CYPWEH2JE&gtm=45je3ai0&_p=2142471467&_gaz=1&cid=48978968.1697925708&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1697925707&sct=1&seg=0&dl=https%3A%2F%2Fwww.techspot.com%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&dt=A%20clever%20Google-hosted%2C%20malicious%20ad%20fakes%20the%20KeePass%20website%20%7C%20TechSpot&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CYPWEH2JE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 22:01:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 86ms
29ms Ping
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6CYPWEH2JE&cid=48978968.1697925708&gtm=45je3ai0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6CYPWEH2JE&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 22:01:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 84ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6CYPWEH2JE&cid=48978968.1697925708&gtm=45je3ai0&aip=1&z=328328413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 22:01:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 366ms
118ms Image
image/gif 3.221.111.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=techspot.com&p=%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&u=Bzn7AGCBZTSSCKfFrE&d=techspot.com&g=14596&g0=home%2C%20news%2C%20security%2C%20web%2C%20malvertising%2C%20keepass&g1=Alfonso%20Maruccia&n=1&f=00001&c=0&x=0&m=0&y=5103&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.techspot.com%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&b=1755&t=DSComMDB7iD3CEDUUpCd3On2PiNyH&V=141&i=A%20clever%20Google-hosted%2C%20malicious%20ad%20fakes%20the%20KeePass%20website%20%7C%20TechSpot&tz=-120&_acct=anon&sn=1&sv=DzWdwajLkj0CW-LevP7eW9BbT8Ls&sd=1&im=067b0fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.221.111.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-221-111-246.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 21 Oct 2023 22:01:47 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 31ms
30ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2142471467&t=pageview&_s=1&dl=https%3A%2F%2Fwww.techspot.com%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html&ul=en-us&de=UTF-8&dt=A%20clever%20Google-hosted%2C%20malicious%20ad%20fakes%20the%20KeePass%20website%20%7C%20TechSpot&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=14483413&gjid=503282045&cid=48978968.1697925708&tid=UA-108935-1&_gid=769725715.1697925708&_r=1&gtm=457e3ai0&jsscut=1&z=174131459

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 21 Oct 2023 22:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 inference.js Show response
ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/ 18 KB
5 KB 136ms
61ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/inference/v/0.7.1/inference.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 56317
x-cache: HIT
content-length: 5464
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 04 Oct 2021 07:39:43 GMT
server: AmazonS3
x-timer: S1697925708.639663,VS0,VE0
etag: "a777fcd9584e62f04dc53d548d8adb31"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000,immutable
accept-ranges: bytes
x-cache-hits: 856

GET
H2 200 googima.js Show response
ssl.p.jwpcdn.com/player/v/8.29.0/ 74 KB
22 KB 135ms
61ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/googima.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 105933481e535b109533e3cc21dbd150a4e91de57a58cb25b3d705cb22f5d989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 3650
x-cache: HIT
content-length: 22437
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 02 Oct 2023 22:03:25 GMT
server: AmazonS3
x-timer: S1697925708.639678,VS0,VE0
etag: "2fe1c579d9356ff9521421da65df30f8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, immutable
accept-ranges: bytes
x-cache-hits: 414

GET
H2 200 bidding.js Show response
ssl.p.jwpcdn.com/player/v/8.29.0/ 440 KB
138 KB 136ms
62ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/bidding.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6332d3dd6a62e8cbac410ad5c2426af9b876a0d48f2789806c4b0754e5a3ddf7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1306
x-cache: HIT
content-length: 141382
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Thu, 19 Oct 2023 18:55:12 GMT
server: AmazonS3
x-timer: S1697925708.639154,VS0,VE1
etag: "636a01196df62b17ad86e2e3e44b2b6b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.29.0/ 64 KB
19 KB 134ms
61ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/jwpsrv.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 683
x-cache: HIT
content-length: 19606
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 02 Oct 2023 22:03:26 GMT
server: AmazonS3
x-timer: S1697925708.639704,VS0,VE0
etag: "3ce929563cdc089513e92ce60145673b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, immutable
accept-ranges: bytes
x-cache-hits: 306

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.29.0/ 318 KB
84 KB 95ms
22ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/jwplayer.core.controls.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c4716092f12c43127bde81ec43d177867923da7a413316d9d0a1c8459943c1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1549513
x-cache: HIT
content-length: 85285
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 02 Oct 2023 22:03:18 GMT
server: AmazonS3
x-timer: S1697925708.639183,VS0,VE0
etag: "5f1aa3e16060fbd8fe0bd3918d8a43e3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 139888

GET
H2 200 0ppboh2c Show response
cdn.jwplayer.com/v2/playlists/ 68 KB
8 KB 69ms
26ms XHR
application/json 2600:9000:225e:fa00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.jwplayer.com/v2/playlists/0ppboh2c?format=json&page_domain=www.techspot.com
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:fa00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 5b9b4b993497db4d149c1ddef82781839cf9191c58704a3996431887e4f8bb9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 21:59:05 GMT
content-encoding: gzip
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA60-P4
age: 162
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=180, max-stale=180
x-robots-tag: noindex, indexifembedded
content-length: 7778
x-amz-cf-id: ysrpSalw_PkwUnOOjnV6T-qrUBQvFKTWLWHs7-aGKz1Ul4vHx_hCXA==
expires: Sat, 21 Oct 2023 22:02:05

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108935-1&cid=48978968.1697925708&jid=14483413&gjid=503282045&_gid=769725715.1697925708&_u=YADAAUAAAAAAACAAI~&z=1206091957

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 21 Oct 2023 22:01:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.techspot.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.29.0/ 413 KB
124 KB 61ms
61ms Script
application/javascript 2a04:4e42:200::626
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.29.0/provider.hlsjs.js
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::626 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d76cb17b3bd9640de472967669e9fd1fc906ff36dad542c4ba7fbda863dd0e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 1558836
x-cache: HIT
content-length: 126154
x-served-by: cache-fra-eddf8230123-FRA
last-modified: Mon, 02 Oct 2023 22:03:21 GMT
server: AmazonS3
x-timer: S1697925708.640140,VS0,VE0
etag: "8c1d575c2d94e44fc03052842279a635"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 125337

GET
H/1.1 200
OK feed Show response
widget-api.jobbio.com/channels/techspot-jobs/ 4 KB
4 KB 70ms
70ms Fetch
application/json 52.212.52.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget-api.jobbio.com/channels/techspot-jobs/feed?search=&page_size=4&source=techspot-jobs_horizontal_jobs_widget&widgets=true&page=https%3A%2F%2Fwww.techspot.com%2Fnews%2F100555-malvertising-attack-uses-punycode-character-spread-malware-through.html

Requested by

Host: widgets.jobbio.com
URL: https://widgets.jobbio.com/partner_fluid_widgets_v1.6.1/display.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.212.52.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-212-52-84.eu-west-1.compute.amazonaws.com

Software

gunicorn /

Resource Hash

9525a1516b261b52e5c93bb6a35df233c93c4f59d39cf18c042a1d9e70e3c06c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sat, 21 Oct 2023 22:01:47 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Referrer-Policy: same-origin
Server: gunicorn
X-Frame-Options: DENY
Vary: Accept, Origin, Cookie
Content-Type: application/json
Allow: GET, HEAD, OPTIONS
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 3710

GET
H2 200 2WYbPFf8EeqhAWKlm8fO5A.json Show response
entitlements.jwplayer.com/ 69 B
249 B 148ms
33ms XHR
application/json 152.199.22.243
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://entitlements.jwplayer.com/2WYbPFf8EeqhAWKlm8fO5A.json
Requested by: Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (amb/6AF5) /
Resource Hash: 5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
last-modified: Sat, 21 Oct 2023 19:59:17 GMT
server: ECAcc (amb/6AF5)
age: 7350
vary: Accept-Encoding
x-cache: HIT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800, s-maxage=20220
accept-ranges: bytes
content-length: 80

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 362 KB
125 KB 131ms
33ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.jwplayer.com
URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2b62fdeda07eb6006a6c2cd6ca5c103f7eabb0d28409ef2d2609f4d5898029f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 22:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127115
x-xss-protection: 0
expires: Sat, 21 Oct 2023 22:01:47 GMT

GET
DATA 200
OK truncated
/ 813 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0629379ff7c94bbf635135263fea258bf7bc2610e940bc984b86b549ceee4fb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 30c7e3fdfbfb52807c43670da545d028
d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/ 9 KB
10 KB 93ms
27ms Image
image/jpeg 18.154.63.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/30c7e3fdfbfb52807c43670da545d028
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57078389f58a26508c812c803aa2c917358188066c6ed177ff4143c0f9bf7cf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 27 Jun 2023 08:14:51 GMT
via: 1.1 7f4a5e86662d54d3fe35c4c143a928ce.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 23:36:52 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 10072017
etag: "1ef0b628cb08b05ed40a1ac90a2082d2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 9686
x-amz-cf-id: XOmFHb8oWuo1rx6_vw5CSBsDB1sp58yjE4kBsRVD_RaT9bsAW9KBDw==
expires: Fri, 13 Aug 2032 18:36:51 CDT

GET
H2 200 db02284ce0e82c55ee4746862d4d6065
d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/ 4 KB
4 KB 91ms
25ms Image
image/jpeg 18.154.63.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/db02284ce0e82c55ee4746862d4d6065
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f41ea7cbfead74b2f7f0b578a66d127dadb34685d7f373d1c4e1f6359691b41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 11 Oct 2023 09:51:04 GMT
via: 1.1 7f4a5e86662d54d3fe35c4c143a928ce.cloudfront.net (CloudFront)
last-modified: Mon, 07 Mar 2022 21:50:09 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 907844
etag: "31a95328bbfa0e061ffd7d58e3dedbe3"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 3706
x-amz-cf-id: WEcre9eyd3UViMikzi2z_Z9JSRzEF3DVgdbSPeSs5wEKroeGtFYzGg==
expires: Thu, 04 Mar 2032 15:50:08 CST

GET
H2 200 image-1696286986220.jpeg
d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/ 2 KB
3 KB 86ms
24ms Image
image/webp 2600:9000:243d:ba00:14:ad08:9b00:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1avm1cbyhi830.cloudfront.net/fit-in/images2/topic/new/image-1696286986220.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:ba00:14:ad08:9b00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 423bf0d390e28d5159f26188ed61e3dfbdb1450c1216f161b4ebbbc9f1e21343

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Mon, 09 Oct 2023 20:13:09 GMT
via: 1.1 a74cf6cfc1ea8a64e3a2b04b4552c2d2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 1043318
x-amzn-requestid: c522120b-41b6-4591-a9c7-c16c84607c23
x-cache: Hit from cloudfront
x-amz-apigw-id: MjPBdEl2DoEF1vQ=
content-length: 2232
last-modified: Mon, 02 Oct 2023 22:49:47 GMT
x-amzn-trace-id: Root=1-65245ed5-21c5e5e07ac0c46057b93b8f
access-control-allow-methods: GET
content-type: image/webp
cache-control: max-age=31536000,public
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: dcOZDSH5N01YPmtHa0XPJrj0BsxQnw8ZlWZDum3O6CwkKH2FKkjqWg==

GET
H2 200 064eff7aab72cb84fbb7f92b82f6ac4a
d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/ 3 KB
3 KB 91ms
25ms Image
image/jpeg 18.154.63.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2q79iu7y748jz.cloudfront.net/s/_squarelogo/256x256/064eff7aab72cb84fbb7f92b82f6ac4a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.154.63.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-154-63-53.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f4933c53e989223cbff10634bbc022fe9dee5d438f1ce82215fb7f8005428398

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.techspot.com/news/100555-malvertising-attack-uses-punycode-character-spread-malware-through.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 01:17:59 GMT
via: 1.1 7f4a5e86662d54d3fe35c4c143a928ce.cloudfront.net (CloudFront)
last-modified: Sun, 27 Jun 2021 13:54:51 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
age: 24612229
etag: "6777de455598c923cbe63a6d01b1bf8c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 2997
x-amz-cf-id: PglYRPLqlpb35R1qfULXWftJ8ZHhWxsVbCfaDJB7Q-XL8Wv9Wk3TAA==
expires: Wed, 25 Jun 2031 08:54:49 CDT

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.techspot.com/	1969-12-31 23:59:59	Name: tchsptV05csrf Value: 7LQ91rXswrhBMjwG
.www.techspot.com/	1970-01-21 00:24:21	Name: usprivacy Value: 1YNN
.techspot.com/	1970-01-21 01:14:45	Name: _ga_6CYPWEH2JE Value: GS1.1.1697925707.1.0.1697925707.60.0.0
.techspot.com/	1970-01-21 01:07:33	Name: _cb Value: Bzn7AGCBZTSSCKfFrE
.techspot.com/	1970-01-21 01:07:33	Name: _chartbeat2 Value: .1697925707523.1697925707523.1.DzWdwajLkj0CW-LevP7eW9BbT8Ls.1
.techspot.com/	1970-01-20 15:38:47	Name: _cb_svref Value: null
.techspot.com/	1970-01-21 01:14:45	Name: _ga Value: GA1.2.48978968.1697925708
.techspot.com/	1970-01-20 15:40:12	Name: _gid Value: GA1.2.769725715.1697925708
.techspot.com/	1970-01-20 15:38:45	Name: _gat_gtag_UA_108935_1 Value: 1
.servebom.com/	1970-01-21 00:24:21	Name: u Value: 3472076FCFAB4A9B84F673254E24D6DA
www.techspot.com/	1970-01-20 17:25:33	Name: h_id Value: 3472076FCFAB4A9B84F673254E24D6DA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://cdn.jwplayer.com/libraries/YqaVdd6L.js(Line 9) Message: Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6093eccf-6734-4877-ac8b-83d6d0e27b46.edge.permutive.app
ads.servebom.com
audit-tcfv2.cmp.quantcast.com
bordeaux.futurecdn.net
cdn.jwplayer.com
champagne.futurecdn.net
cmp.quantcast.com
d1avm1cbyhi830.cloudfront.net
d2q79iu7y748jz.cloudfront.net
entitlements.jwplayer.com
fonts.googleapis.com
fonts.gstatic.com
freyr.futurecdn.net
imasdk.googleapis.com
pagead2.googlesyndication.com
ping.chartbeat.net
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
sommelier.futurehybrid.tech
ssl.p.jwpcdn.com
static.chartbeat.com
static.cloudflareinsights.com
static.techspot.com
stats.g.doubleclick.net
test.cmp.quantcast.com
widget-api.jobbio.com
widgets.jobbio.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
www.techspot.com
151.139.128.10
152.199.22.243
18.154.63.53
2001:4860:4802:32::36
2600:9000:2171:3600:18:1fcd:353:c61
2600:9000:224a:1200:6:44e3:f8c0:93a1
2600:9000:224a:4c00:12:b587:d880:93a1
2600:9000:225e:fa00:1:a3fa:7cc0:93a1
2600:9000:243d:800:5:a6be:f9c0:93a1
2600:9000:243d:a400:15:f55c:78c0:93a1
2600:9000:243d:ba00:14:ad08:9b00:21
2600:9000:248c:4c00:19:ee95:9600:93a1
2600:9000:2644:5000:3:a4cd:8380:93a1
2600:9000:2644:d000:9:46dc:4700:93a1
2606:4700:10::ac43:1d23
2606:4700:4400::6812:29aa
2606:4700::6810:3965
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:803::2002
2a00:1450:4001:808::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:400c:c0b::9c
2a04:4e42:200::626
3.221.111.246
3.64.168.81
34.249.165.10
52.212.52.84
02981cd2c7b6e2d3834414bb95ac04eda2d30afaf9930ac69a6eef361fbd4bbc
056c8acee66105032f878177b7d8925e6abffd1fab079c0b8c69322d86413214
0629379ff7c94bbf635135263fea258bf7bc2610e940bc984b86b549ceee4fb2
0685fafcd790f79cc4953449c139c981050a64102ad47f45b809c41066bc4e97
0d76cb17b3bd9640de472967669e9fd1fc906ff36dad542c4ba7fbda863dd0e8
105933481e535b109533e3cc21dbd150a4e91de57a58cb25b3d705cb22f5d989
190a8191dc3cafd761ff10a353d5f4d87f8241bb475305cb366cc0b5e7e16cfe
199f663b1a66c7a8e537f5dea8d81130275d196fd6a49bcf113bb24890bc7fdc
2177ae3e829faf96e725d696a6bcb2e3ec1ec261796b60a46ea25b857d2ac469
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
25be69adabd71c125160258e85e02c549f430d52041a2c276db41e04eecdf9de
2777728b6a843d0c9f4cf48ee4ae0d6578ee7c565c15c32c29e48640893d52ee
2b2476cab823471b9c40fa67d39a2ea001f65bfd7cd141ced9eda01b10b7ca98
2f74dd05407bb52878522f442af01257f96ddb52dbdbfa92327ca58c742b9787
37d14d6c20c6a27232f36167ac79f675c3e56dceb632e89669a77339aa4ddaa3
3baa228ad347ad801e2b86b901b4f25a5fe00752a58d0f46fe3fa4f5f5a9bd4f
3e676f1e49b0086215537ae4333046e1a7b64af5cd33c72e6fb4732bfe6432c3
3f41ea7cbfead74b2f7f0b578a66d127dadb34685d7f373d1c4e1f6359691b41
423bf0d390e28d5159f26188ed61e3dfbdb1450c1216f161b4ebbbc9f1e21343
436fe3d64434d3101b2bbced702e7a35526766147083da03f936097246a192bc
46af09a4b95a6d4752b77f2644420d30923309dde813616ddd982ad2791fb570
517edd119c5b2719e6ac4b30bf1fd864a6395179a41d273c0afc0696e7495d8e
52993501ff9dcfa9cca6ab933e4c5a736324790e71c0b877ae0a5b41cb35911c
52fe780d03e98dcb4524e857426d1f7d10559ae6454cc38e551a8e307e93eaff
5427e10c23520fbca480e8750c7e03dc2858eee594081879ea72a559bbd9fa81
553be0a5b4657350212a9c36d235cc92d4b0dc01cfb0867d83c2aecfeb6486d2
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
57078389f58a26508c812c803aa2c917358188066c6ed177ff4143c0f9bf7cf5
5b9b4b993497db4d149c1ddef82781839cf9191c58704a3996431887e4f8bb9f
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
6332d3dd6a62e8cbac410ad5c2426af9b876a0d48f2789806c4b0754e5a3ddf7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca31300f3b409ce6976a80887cdc3af11a17968842825f0f06c1368f8dc6495
70ce0ccccb5a5920b8f1a9b9f27d002e6a34947d288e8c1c27680ddf4c56b334
852d8795faedfac3e0adf9f61394013eddb06bf973561c0ced55f73b49fb54b8
8b0bacc432439cf9d8c65a2439277ba2a090c1d1da5686d7126be279854e56f4
8f761243a6058caea2177695e5807de4c70143b6631f91a111135b2ddcba0742
9525a1516b261b52e5c93bb6a35df233c93c4f59d39cf18c042a1d9e70e3c06c
9c4716092f12c43127bde81ec43d177867923da7a413316d9d0a1c8459943c1d
a19d28fce39f992a9b883a20a62a5906b53cc913941f57b9d3f69a28510c2ba4
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
abeffa681b668d7cc6e70f378f47878836f26c2aff41cb3a03df156cf8930685
ba34abe5f7db9bccc4e96465f09ab91bf5393f22dd0acfc2c0e304dd3d94e66a
c1caf0968766a80d732fdc70af86fc1d82f4408a420bdbbf165e54fe458497cc
c27338817399eb96e0d553bc509b43cbd62b3e07c656d41d8b50f2544ca149f3
c730b1c98817a669fb10c327e149b55347e307d50fe9266449c124ac034e9f34
c852c1d25f1a5d590d42dd3234b26e757c7590727588da641eed9d8fc7f7d0f1
caa41662f2f91c509d46f41da34021abf8451ddf34f057f58cb391572ae5ccaf
cce768cee839e01c304a426f0dbce4298f6024d856d1abe69efe450ac35863b4
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2b62fdeda07eb6006a6c2cd6ca5c103f7eabb0d28409ef2d2609f4d5898029f
d9a0f5c00502b95af3e868f959674203a58f611d35a124d4b5ffeca01d4b2dbb
daf6ccd16572d87b06e042f7f6354ee54510b0ff427a7b226b8432cb3511a527
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfa8b11e458ee0dba409f2eab41db2eaa20700a0a0951680445f6abd9c18da6a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d4f2c71d4d92ebca415fbdf96e7a98795534cf09a8d47e4ea6e2306034349d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f058511b904de35902f814231968fab5d08b56ce444e3fdefa0d33e9cf1ec5be
f1e0184af142423fd6940c2931334caf35f26a55a8b2a5eb44c07b297d11b814
f3b17f9af560b005fba3b568590792d952f2bd4a9e5cfe0357b0ecdd545ca16c
f4933c53e989223cbff10634bbc022fe9dee5d438f1ce82215fb7f8005428398
f720d4434341a72ecaba1614be552b3d629bedc9da07aabf9660c6dff96cdce1

www.techspot.com Open in urlscan Pro 2606:4700:10::ac43:1d23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

67 Requests

97 %HTTPS

77 %IPv6

23 Domains

32 Subdomains

32 IPs

4 Countries

1809 kBTransfer

6236 kBSize

11 Cookies

16 Outgoing links

Redirected requests

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.techspot.com Open in urlscan Pro
2606:4700:10::ac43:1d23 Public Scan

Screenshot
Live screenshot

Full Image

67
Requests

97 %
HTTPS

77 %
IPv6

23
Domains

32
Subdomains

32
IPs

4
Countries

1809 kB
Transfer

6236 kB
Size

11
Cookies

67 HTTP transactions
2 data transactions