www.infosecurity-magazine.com Open in urlscan Pro
13.32.99.111  Public Scan

13 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

• https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2 HTTP 302
• https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2&e_ipv6=AQLiQqSKl2O-zQAAAZA15a6esUFifW6UYw3FW5jR4La-YkigJyYKG5FyQrZ_KJ1_x4N-ecOzKlC8

Request Chain 78

• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAI8KbPswYQ8bDdmeCCqL9QEh0AfvvZtFspVkYfioedOVQ5xcRQFDDzv-Th7cp-Jw&pscrd=IhMIp9etyajqhgMV8k0eAh2u5QVwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs HTTP 302
• https://www.google.com/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIp9etyajqhgMV8k0eAh2u5QVwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooLhh4ktBGmHE2Gb9KIJkMv2Ha7kncqew&eitems=ChAI8KbPswYQ8bDdmeCCqL9QEh0AfvvZtCHRGvdBZEPuLip8pf2JOKl38XIJJvLCcw&random=1263642732 HTTP 302
• https://www.google.de/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIp9etyajqhgMV8k0eAh2u5QVwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooLhh4ktBGmHE2Gb9KIJkMv2Ha7kncqew&eitems=ChAI8KbPswYQ8bDdmeCCqL9QEh0AfvvZtCHRGvdBZEPuLip8pf2JOKl38XIJJvLCcw&random=1263642732&ipr=y

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/	99 KB 26 KB	115ms 64ms	Document text/html	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash d8513a94fae825226c381bed2927864373771e8088a35a0a9284207ba4a0bccc Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers access-control-allow-headers Content-Type access-control-allow-methods * age 45 cache-control public, proxy-revalidate, max-age=300 content-encoding br content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content content-type text/html; charset=utf-8 date Thu, 20 Jun 2024 13:45:16 GMT feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' last-modified Wed, 19 Jun 2024 13:00:00 GMT permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() referrer-policy same-origin server RX vary Accept-Encoding via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-id jTkpF8A3uY3953BdiAzbmftWtDPdYGKP6vTyrK2rz7DcGl4Abc0MlA== x-amz-cf-pop FRA60-P3 x-cache Hit from cloudfront x-content-type-options nosniff x-frame-options SAMEORIGIN x-ua-compatible IE=Edge x-xss-protection 1; mode=block
GET H3	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	97 KB 31 KB	131ms 71ms	Script text/javascript	216.58.206.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s08-in-f2.1e100.net Software cafe / Resource Hash 067a5f735621ba6a90858d64003538ec6b5cf641c6cd1552fcd7c60e2215426b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:01 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31220 x-xss-protection 0 server cafe etag 421 / 19894 / m202406170101 / config-hash: 14997576527542831184 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 Jun 2024 13:46:01 GMT
GET H2	200	jquery.min.js Show response cdn.jsdelivr.net/npm/jquery@3.7.0/dist/	85 KB 31 KB	75ms 24ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/jquery@3.7.0/dist/jquery.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Jun 2024 13:46:01 GMT x-content-type-options nosniff content-encoding br age 2018963 x-jsd-version 3.7.0 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 32087 x-served-by cache-fra-etou8220041-FRA x-jsd-version-type version etag W/"155a6-Wp7qw02G6S5WYOD0+HIE8e0Mj/Y" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	underscore-min.min.js Show response cdn.jsdelivr.net/npm/underscore@1.13.6/	19 KB 8 KB	71ms 20ms	Script application/javascript	2a04:4e42::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/underscore@1.13.6/underscore-min.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload date Thu, 20 Jun 2024 13:46:01 GMT x-content-type-options nosniff content-encoding br age 1170436 x-jsd-version 1.13.6 x-cache HIT cross-origin-resource-policy cross-origin alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length 8075 x-served-by cache-fra-etou8220041-FRA x-jsd-version-type version etag W/"4d5b-1Barardb3Bq5uc0bP3wXZk8NDAQ" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable accept-ranges bytes timing-allow-origin *
GET H2	200	phq8nwg.css use.typekit.net/	11 KB 1 KB	256ms 128ms	Stylesheet text/css	2a02:26f0:3500:16::215:1492 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/phq8nwg.css Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; content-encoding gzip date Thu, 20 Jun 2024 13:46:02 GMT server nginx vary Accept-Encoding content-type text/css;charset=utf-8 access-control-allow-origin * cache-control private, max-age=600, stale-while-revalidate=604800 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 1297
GET H2	200	base.min.css www.infosecurity-magazine.com/_common/css/23080201/	66 KB 10 KB	24ms 23ms	Stylesheet text/css	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/css/23080201/base.min.css?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 19:13:00 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 66781 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Mon, 13 May 2024 16:27:29 GMT server RX etag W/"7f74b27252a5da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/css vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id 1Jl8sWgbQMX5-GQc1Q9JsMJ-bf8JfGx0Q8yZOXGFN0PQ_OpVhMxXkg==
GET H2	200	article.min.css www.infosecurity-magazine.com/_common/css/23080201/	5 KB 3 KB	25ms 24ms	Stylesheet text/css	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/css/23080201/article.min.css?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash 778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 15:58:05 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 78476 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Mon, 13 May 2024 16:27:29 GMT server RX etag W/"41ed17352a5da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/css vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id UdJ0g963zBke63qe5fx7XRfUl96rOUBRK697SVndnz45Qd9_WDVGMA==
GET H2	200	otSDKStub.js Show response cdn.cookielaw.org/scripttemplates/	21 KB 7 KB	91ms 48ms	Script application/javascript	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/otSDKStub.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 022e2f39deba7f332eabe69b27b31d98d4d5f2535116745957a691d1b1ec4cc5 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:01 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 ceCldLDyZN6bSQL6yyKLMg== age 71800 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 6882 x-ms-lease-status unlocked last-modified Wed, 19 Jun 2024 02:33:16 GMT server cloudflare etag 0x8DC90082CE6C842 vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id dcb52db7-a01e-00a0-4c63-c25cec000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e16c5a4d32-FRA
GET H2	200	ism.js Show response www.infosecurity-magazine.com/_common/js/23080201/	5 KB 3 KB	25ms 24ms	Script application/javascript	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Wed, 19 Jun 2024 15:53:57 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 78724 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 03 Aug 2023 12:59:01 GMT server RX etag W/"6a124d46ac6d91:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id 7CfbBdXgOk5WwRmS_C5B9KbWRPJIcKIpY_XzBnse8y3y5xxys2oT2A==
GET H2	200	ism.ads.es5.min.js Show response www.infosecurity-magazine.com/_common/js/23080201/ism/	6 KB 3 KB	23ms 23ms	Script application/javascript	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.ads.es5.min.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 00:01:44 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 49458 x-cache Hit from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Mon, 13 May 2024 16:27:43 GMT server RX etag W/"8380237b52a5da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript vary Accept-Encoding feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id YApUyMmQejXu3ZwJkU31AXnLL7C4JpUc4C1Lw__yTMxYiCoQ5zSsXQ==
GET H2	200	ism.whatshot.es5.min.js Show response www.infosecurity-magazine.com/_common/js/23080201/ism/	851 B 2 KB	22ms 22ms	Script application/javascript	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.whatshot.es5.min.js?v=23080201 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 01:04:38 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 45684 x-cache Hit from cloudfront content-length 851 x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Mon, 13 May 2024 16:27:41 GMT server RX etag "36352a7a52a5da1:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/javascript feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() accept-ranges bytes access-control-allow-headers Content-Type x-amz-cf-id 15qlJRwp_mKNLfO5EoPh1Ob988AFWHD61khy-oQkNqTew-p7824snw==
GET H2	200	p.css p.typekit.net/	5 B 173 B	151ms 34ms	Stylesheet text/css	2a02:26f0:3500:16::215:1495 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://p.typekit.net/p.css?s=1&k=phq8nwg&ht=tk&f=15982.15984.37450.16353.37464.37466.37515.37516.37517.37518.37519.37520.51838.51839.51840.51841&a=6157095&app=typekit&e=css Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT last-modified Sun, 19 May 2024 12:57:48 GMT server nginx etag "6649f74c-5" content-type text/css access-control-allow-origin * cache-control public, max-age=604800 cross-origin-resource-policy cross-origin accept-ranges bytes content-length 5
GET H2	200	6b575081-117f-49ba-bff7-347875107505.json Show response cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/	4 KB 2 KB	97ms 54ms	XHR application/x-javascript	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 320b23415a9ca25f7546db36c5b7e2e2104f8c62e73fbdb184c03dc0948e3afb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 25143 content-md5 cmmGmuVtZN6ImPkSS45ukA== content-length 1562 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:44:02 GMT server cloudflare etag 0x8DC90F45F43E159 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 404c29b0-b01e-00d9-3edd-c235a6000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e40d1d9735-FRA expires Fri, 21 Jun 2024 13:46:02 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	311 KB 105 KB	104ms 52ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1cdc0597f93aed640e58d5a857b57b09fff64e6a3c0d3e82da857434a0dc759d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 107336 x-xss-protection 0 last-modified Thu, 20 Jun 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 13:46:02 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	85ms 21ms	Script text/javascript	2a00:1450:4001:80f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 20 Jun 2024 13:41:03 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 299 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Thu, 20 Jun 2024 15:41:03 GMT
GET H3	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/	463 KB 144 KB	21ms 21ms	Script text/javascript	216.58.206.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s08-in-f2.1e100.net Software cafe / Resource Hash 89b0b3f3ff210a3f74e23c972eb9e702fe969dd53ef3082e39af55000d7f964f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 11:16:45 GMT content-encoding br x-content-type-options nosniff age 8957 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 147664 x-xss-protection 0 server cafe etag 1926151935331161023 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Fri, 20 Jun 2025 11:16:45 GMT
GET H3	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	222 B 135 B	110ms 62ms	XHR application/json	216.58.206.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.infosecurity-magazine.com Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 216.58.206.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS mil07s08-in-f2.1e100.net Software cafe / Resource Hash 867f9dd3024880705ee24732f942bd544d4ee565ef91d644ff9bd7cc1435f819 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110 x-xss-protection 0 expires Thu, 20 Jun 2024 13:46:02 GMT
GET H2	200	3b9cb11a-f78a-475f-97e2-8879d62470f2.jpg assets.infosecurity-magazine.com/webpage/feat/	68 KB 68 KB	77ms 56ms	Image image/jpeg	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.infosecurity-magazine.com/webpage/feat/3b9cb11a-f78a-475f-97e2-8879d62470f2.jpg Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash fc07abfccd147cbd8566fc632aae7c9d5930f3ae96009fd4a99538e070ef5309 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:45:52 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) server RX x-amz-cf-pop FRA60-P3 age 10 x-frame-options SAMEORIGIN x-cache Hit from cloudfront content-type image/jpeg cache-control private, max-age=2764800 x-amz-cf-id _0eA3-emQgieNE6WZxdtnw_2wUPXA9H0I_Gyx1hQdaMLNx3KdVbJ2A== content-length 69233 x-xss-protection 1; mode=block x-ua-compatible IE=Edge
GET H2	200	l use.typekit.net/af/73dbad/00000000000000007735a197/30/	24 KB 24 KB	174ms 69ms	Font application/font-woff2	2a02:26f0:3500:16::215:1492 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/73dbad/00000000000000007735a197/30/l?subset_id=2&fvd=n7&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT server nginx etag "550ca47a88a465c010c13a8c017f04a91a75a9a4" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 24168
GET H2	200	l use.typekit.net/af/2180b4/00000000000000007735a193/30/	23 KB 23 KB	135ms 34ms	Font application/font-woff2	2a02:26f0:3500:16::215:1492 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/2180b4/00000000000000007735a193/30/l?subset_id=2&fvd=n6&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT server nginx etag "d42a9fe146eae2c4c65475dbd44806c5aed58d8b" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 23312
GET H2	200	l use.typekit.net/af/32b0e4/00000000000000007735a185/30/	44 KB 45 KB	139ms 39ms	Font application/font-woff2	2a02:26f0:3500:16::215:1492 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://use.typekit.net/af/32b0e4/00000000000000007735a185/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 Requested by Host: use.typekit.net URL: https://use.typekit.net/phq8nwg.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:16::215:1492 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software nginx / Resource Hash 4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://use.typekit.net/phq8nwg.css Origin https://www.infosecurity-magazine.com Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT server nginx etag "dead750a1d4bc579636464295fb9e45aa84c4884" content-type application/font-woff2 access-control-allow-origin * cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin timing-allow-origin * content-length 45468
GET H2	200	a7d280e2-8cd7-47a1-ba33-0ae2a304849f.png assets.infosecurity-magazine.com/s3/infosec-media/images/profile/	2 KB 2 KB	23ms 22ms	Image image/webp	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets.infosecurity-magazine.com/s3/infosec-media/images/profile/a7d280e2-8cd7-47a1-ba33-0ae2a304849f.png?width=64&height=64&mode=crop&scale=both&format=webp Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash 60286b63bf13a33338f8dfa352247cd499d65bb0e56d87fde11efebe6afcca72 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 30 May 2024 09:09:08 GMT strict-transport-security max-age=31536000 x-content-type-options nosniff via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-aspnet-version 4.0.30319 x-amz-cf-pop FRA60-P3 age 1831014 x-cache Hit from cloudfront content-length 2106 x-xss-protection 1; mode=block x-ua-compatible IE=Edge server RX x-frame-options SAMEORIGIN content-type image/webp cache-control public x-amz-cf-id wY-igQ7bVk7TPcWwKR1aZ7JRPXOQIfgN2LDz-9z5a0UpTwT0wbE77A== expires Mon, 01 Jul 2024 09:09:08 GMT
GET H2	200	/ Show response www.infosecurity-magazine.com/account-buttons/	240 B 2 KB	57ms 56ms	XHR application/json	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/account-buttons/?time=1718891162273 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash 4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652 Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-NewRelic-ID Vg8GV1ZVCxACUFBSAgMEV1c= tracestate 2916063@nr=0-1-2916063-322535572-c59d94a1fc5ed9fb----1718891162275 traceparent 00-8695b7cb9b42fe92ddb1bf0e26ff5dce-c59d94a1fc5ed9fb-01 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiYzU5ZDk0YTFmYzVlZDlmYiIsInRyIjoiODY5NWI3Y2I5YjQyZmU5MmRkYjFiZjBlMjZmZjVkY2UiLCJ0aSI6MTcxODg5MTE2MjI3NX19 Accept */* Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront content-length 240 x-xss-protection 1; mode=block x-ua-compatible IE=Edge pragma no-cache referrer-policy same-origin server RX x-frame-options SAMEORIGIN access-control-allow-methods * content-type application/json; charset=utf-8 cache-control no-cache, no-store feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id zUx_u6696TDGzf9iF01ZfYZ9e6hNdG0QS2ot6GrK68pEtyrsOcDNFw== expires -1
GET H2	200	/ Show response www.infosecurity-magazine.com/nav/mobile/	4 KB 2 KB	74ms 66ms	XHR text/html	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/nav/mobile/ Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash 53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" X-NewRelic-ID Vg8GV1ZVCxACUFBSAgMEV1c= tracestate 2916063@nr=0-1-2916063-322535572-923e7bf0a547afc0----1718891162276 traceparent 00-ea961e040f2a5c719b05edacc3bf5046-923e7bf0a547afc0-01 Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 newrelic eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiOTIzZTdiZjBhNTQ3YWZjMCIsInRyIjoiZWE5NjFlMDQwZjJhNWM3MTliMDVlZGFjYzNiZjUwNDYiLCJ0aSI6MTcxODg5MTE2MjI3Nn19 Accept */* Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ X-Requested-With XMLHttpRequest sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff content-encoding br via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 x-cache Miss from cloudfront x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin server RX x-frame-options SAMEORIGIN access-control-allow-methods * content-type text/html; charset=utf-8 vary Accept-Encoding cache-control private feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() access-control-allow-headers Content-Type x-amz-cf-id xhr0bWcLvuhogJSeku_HLcHHCtoA6F_mVEn5yi13UZogByMfmlx65w==
GET H2	200	location Show response geolocation.onetrust.com/cookieconsentpub/v1/geo/	59 B 304 B	89ms 44ms	XHR application/json	2606:4700:4400::6812:2089 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" accept application/json Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server cloudflare vary Accept-Encoding access-control-allow-methods GET, OPTIONS content-type application/json access-control-allow-origin * cf-ray 896c33e4ab509293-FRA access-control-allow-headers Content-Type
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	68 KB 25 KB	101ms 60ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2385191182295390&correlator=1723732309280118&eid=31083341%2C31084450%2C31084571%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cquishing-chinese-citizens-qr-code&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=33&sc=1&abxe=1&dt=1718891162384&lmt=1718802000&adxs=436&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&vis=1&psz=1600x50&msz=728x50&fws=0&ohw=0&ga_vid=1527867068.1718891162&ga_sid=1718891162&ga_hid=2034506265&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718891161775&idt=531&cust_params=topics%3DPhishing%252CThreat%2520Intelligence%252CResearch%2520Reports&adks=3372136122&frm=20 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash d5759dbcf022bda357b41f5f8f7ceeeba7d227827cfa7f6fffa6cef631984e19 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25229 x-xss-protection 0 google-lineitem-id 6743087479 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138479328951 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	67 KB 25 KB	126ms 86ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2385191182295390&correlator=1037022940717246&eid=31083341%2C31084450%2C31084571%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cquishing-chinese-citizens-qr-code&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=33&sc=1&abxe=1&dt=1718891162394&lmt=1718802000&adxs=1046&adys=760&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&vis=1&psz=364x329&msz=300x250&fws=0&ohw=0&ga_vid=1527867068.1718891162&ga_sid=1718891162&ga_hid=2034506265&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718891161775&idt=531&cust_params=topics%3DPhishing%252CThreat%2520Intelligence%252CResearch%2520Reports&adks=972446744&frm=20 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash dd9159fd4f32710e3945f558a3a86c5333bf7cb2cce392d7fa60f3563bf869b8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25113 x-xss-protection 0 google-lineitem-id 6743087479 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138480015994 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response pagead2.googlesyndication.com/gampad/	67 KB 25 KB	102ms 62ms	XHR text/plain	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/gampad/ads?pvsid=2385191182295390&correlator=4099557931626186&eid=31083341%2C31084450%2C31084571%2C31079527%2C31078663%2C31078668%2C31078670&output=ldjh&gdfp_req=1&vrg=202406170101&ptt=17&impl=fifs&ltd_cs=1&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cquishing-chinese-citizens-qr-code&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=33&sc=1&abxe=1&dt=1718891162398&lmt=1718802000&adxs=436&adys=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&vis=1&psz=1600x50&msz=728x50&fws=512&ohw=0&ga_vid=1527867068.1718891162&ga_sid=1718891162&ga_hid=2034506265&ga_fc=false&topics=5&tps=5&htps=5&nt=1&psd=WzE0LG51bGwsbnVsbCwzXQ..&dlt=1718891161775&idt=531&cust_params=topics%3DPhishing%252CThreat%2520Intelligence%252CResearch%2520Reports&adks=1705559786&frm=20 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 5644aadf306e3ff5bf826d88f14ae1326bfadc70dcf728e64122579bb15b17c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br x-content-type-options nosniff google-mediationgroup-id -2 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25101 x-xss-protection 0 google-lineitem-id 6743087479 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 138479328951 content-type text/plain; charset=UTF-8 access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html 9adf0674e5aaa4ffa6d075e07a5de2b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AED8	0 0	110ms 29ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://9adf0674e5aaa4ffa6d075e07a5de2b3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Thu, 20 Jun 2024 13:46:02 GMT expires Thu, 20 Jun 2024 13:46:02 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	otBannerSdk.js Show response cdn.cookielaw.org/scripttemplates/202405.2.0/	451 KB 110 KB	47ms 47ms	Script application/javascript	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/otBannerSdk.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e94d708e9dc761fb1e714afe78b59026d8a7bc7641c89803d854c84cfa1e8b89 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 BVk4qgiFbkhql6hjghSxtg== age 77928 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 112021 x-ms-lease-status unlocked last-modified Wed, 12 Jun 2024 01:58:24 GMT server cloudflare etag 0x8DC8A8324B6C1DD vary Accept-Encoding content-type application/javascript access-control-allow-origin * x-ms-request-id 0570beca-201e-0035-3c70-bcef3c000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e53a474d32-FRA
GET H2	200	js Show response www.googletagmanager.com/gtag/	305 KB 102 KB	54ms 53ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 509de79778870268a5643a7fc35a87939d6ccefaffba93769dc43375acfec067 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 104757 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Thu, 20 Jun 2024 13:46:02 GMT
GET H2	200	destination Show response www.googletagmanager.com/gtag/	266 KB 92 KB	68ms 68ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/destination?id=AW-875375440&l=dataLayer&cx=c Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 137e52048a3b7d0e22d106076965776845449d06cf61dffbe02c692a2e5b3d01 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93604 x-xss-protection 0 last-modified Thu, 20 Jun 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 13:46:02 GMT
GET H2	200	insight.min.js Show response snap.licdn.com/li.lms-analytics/	38 KB 14 KB	146ms 42ms	Script application/javascript	2a02:26f0:3500:10::210:a98 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://snap.licdn.com/li.lms-analytics/insight.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:26f0:3500:10::210:a98 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 942a9ba1fe78b402e8b52b83058dbbabde8db6b4d1debf960d6d5afe5192db52 Security Headers Name Value X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff last-modified Tue, 18 Jun 2024 16:46:52 GMT x-cdn AKAM x-amz-server-side-encryption AES256 vary Accept-Encoding content-type application/javascript;charset=utf-8 cache-control max-age=15957 accept-ranges bytes content-length 14004
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	219 KB 59 KB	75ms 20ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 0313b0d078dfe6c7ab517c11404b0c01458469006fbf1a0d4d4c5e90517e54f8 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 20 Jun 2024 13:46:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 58024 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug ceAJydMTkMFZ0Q87/cD90TRkCsJ3NhbteYK71hhwcZlaN5HCf29ZnIQAV2x5IdZgISf2TZ76hJPmA3tIBL7gQw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	oct.js Show response static.ads-twitter.com/	56 KB 15 KB	82ms 20ms	Script application/javascript	146.75.120.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://static.ads-twitter.com/oct.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 4d15ff2317e16ccd8ca1d3248fea7d91130e022369bb032824a84ad9967064df Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip last-modified Fri, 22 Mar 2024 21:07:24 GMT x-amz-server-side-encryption AES256 etag "bbbcf811d8437a575d796a4c1e5d4fad+gzip+gzip" vary Accept-Encoding,Host x-cache HIT, HIT content-type application/javascript; charset=utf-8 p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" x-tw-cdn FT cache-control no-cache accept-ranges bytes content-length 15412 x-served-by cache-iad-kjyo7100113-IAD, cache-fra-etou8220033-FRA
GET H2	200	tag.aspx Show response ml314.com/	37 KB 37 KB	93ms 25ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/tag.aspx?2052024 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software UploadServer / Resource Hash 773a28cc9ac8062b38482769d1f03d92a6487d5775d439cff1c8b5be61fdd6d7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:39:27 GMT via 1.1 google age 395 x-guploader-uploadid ACJd0NomLanV1iV5GGTiR523rAiXyq-oBgmfYKdxeG3yHV_uunT1uqtllyemvJ3btECuGG17fRJMI0sIqg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37568 last-modified Wed, 12 Jun 2024 23:47:10 GMT server UploadServer etag "611c769b568a169ba0179bc0e4fb3d9e" x-goog-generation 1718236030191817 x-goog-hash crc32c=jdP4zA==, md5=YRx2m1aKFpugF5vA5Ps9ng== content-type application/javascript cache-id FRA-1209ea83 cache-control public,max-age=3600 x-cache-hit hit x-goog-stored-content-length 37568 accept-ranges bytes
GET H2	200	en.json Show response cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/	54 KB 14 KB	54ms 54ms	Fetch application/x-javascript	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/en.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 722b835dd570d6861f5cbf3513ecfe92232a26f68dd054d64415b271396b818a Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT strict-transport-security max-age=31536000; includeSubDomains; preload age 25143 content-md5 D5PKW79w5z4Qq3Mfl/+DAA== content-length 13909 x-ms-lease-status unlocked last-modified Thu, 20 Jun 2024 06:44:05 GMT server cloudflare etag 0x8DC90F460CF07B1 vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * x-ms-request-id 645a0455-601e-0071-37dd-c2e1b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e5bfc29735-FRA expires Fri, 21 Jun 2024 13:46:02 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame B045	0 0	257ms 211ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvDoleTQSRBfc7iJS_JV3m4XZeaddlB0CLdkStJ8q7J8OQSYUikT8MLceJacee4vjBpnQinSqMSaL19jenJZWhWGlbb1Xy688shZHN2f3JEKzyFJ2id8aPggJ-X-c7vWF9y8Xs-NjkjK2n1_ujDS__LH604bVeGeAW7sNwMskDBXcm9ly9nI26pqbiuOsq1jG7WUngqvWpWWldwNwybQhizXGLU9LtxcKaphj6e5ntdvih0KL3PzMTAD3LmhagOs4BZ-t9Y2B9XNiBIjPnt5ttuKuOsj2lJNLwbzoImkTFxCLw4Wl_5Qw_kdk3WvYhDJK1SDgQwZmNSAUVoZXzkNMkFlZ5WJo-h58w8SmVrHIbTIYvHkk_4pROHBaNJvOKQuW6_Hxouj3dGM7V1xo-MPJvcIeJMkv5hjElqVy4h4ug6xwfdwr7FO4HpEcpX&sig=Cg0ArKJSzKedyYz_wB_0EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/ Frame B045	23 KB 9 KB	108ms 64ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash abb844a2947a8426d39e07812b3f40c45e0bf9b0e3bea812c6f72b263873e5c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9317 x-xss-protection 0 server cafe etag 6512122073717347310 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame B045	3 KB 1 KB	107ms 65ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B045	211 KB 65 KB	70ms 28ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 28e118be8697051a5b807f647dfead93ac3bbcfac672adefda5516e67f8e153c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:21 GMT content-encoding br x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66383 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 Jun 2024 14:35:21 GMT
GET H2	200	7885777605673452264 tpc.googlesyndication.com/simgad/ Frame B045	23 KB 24 KB	99ms 27ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7885777605673452264 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b74e33110414e6ae310fa5fde1ac238223eaf9e6fc682515df7006e72ac9d664 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Wed, 18 Jun 2025 14:55:51 GMT date Tue, 18 Jun 2024 14:55:51 GMT x-content-type-options nosniff age 168611 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23758 x-xss-protection 0 last-modified Tue, 18 Jun 2024 08:51:36 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame AE64	0 0	232ms 211ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjst_-SHpdwTjUy0O8ny58WZsI_RjusUqDYT_hc-WVIQkV1Jvuox37LplTpa3XS2jWaX3X-lL9IxQpf-Sr0QJBoYkiQFUzzorKMw3wUE00zxAj0aMVy_ZVJDg0fWc62cgHEs8uJmuTeGoiAzFqHjav7XzR4RE7de-b4CRJ2Z9PqlCPKqXINW2NE_Vqd6ZgI_mkVPWjkdbujIKXMuC0gbskqtxwNvZaCqiCOe-GtP_5JQxf-SIK-NJCEKpR2WgvEI4cAqske6oJ4SaXqlbhwagZHYUI2vcoRX6P6CHI7pJhWs2sS74w9w02dm9Eoaq7bk9_NAocbYD59wUM7Sk4ZgsyY1FW0hO25gMDh4OuBTGnoXCHwt2IKiBl3adRPVjMVedxy1S70H0LJ3EpWfmSxZXEScR9HwT5rj12rUWCu7KP95AzLyYsD5HPnxuURSZ&sig=Cg0ArKJSzDvR-XEY9dl8EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	7885777605673452264 tpc.googlesyndication.com/simgad/ Frame AE64	23 KB 0	79ms 79ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/7885777605673452264 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b74e33110414e6ae310fa5fde1ac238223eaf9e6fc682515df7006e72ac9d664 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Wed, 18 Jun 2025 14:55:51 GMT date Tue, 18 Jun 2024 14:55:51 GMT x-content-type-options nosniff age 168611 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23758 x-xss-protection 0 last-modified Tue, 18 Jun 2024 08:51:36 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/ Frame AE64	23 KB 0	88ms 88ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash abb844a2947a8426d39e07812b3f40c45e0bf9b0e3bea812c6f72b263873e5c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9317 x-xss-protection 0 server cafe etag 6512122073717347310 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame AE64	3 KB 0	87ms 87ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE64	211 KB 0	48ms 48ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 28e118be8697051a5b807f647dfead93ac3bbcfac672adefda5516e67f8e153c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:21 GMT content-encoding br x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66383 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 Jun 2024 14:35:21 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 214F	0 0	213ms 210ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsut6IQyeqTBKh_4eQ6bdAelKHCSr04BVjhQ9DqQ6PNc0IGggYZb-6zxGPEKikAHcHL-i3g8_44HKiItePPb7KC7PoglxXvIhdGMG-Vhhy90lOkYUKkaV31c0i72P8LzVD4nsZ2ZKBV9fwFL7Fj1ogi9UGHRLr5LgeP7zt7L6u5GtXhlgOjoCmY6rprFbw8SFYHf71CV2h51rAbLodmNkZBGhtqdo_MvZV7UpCR5nkqrCbvuZyV9w2ZoPLIiiB5q5N_ZMudWeuZGUgCXuYPpqae6Ko2QBEzqrIDZry75zSZnMg0BSV1CHWJYE0Tc9xzj316g-62PcKTZ66wbAjJCAa08QAehdtC2QkN75iKboX1LdjjMStZvTWSX55o1zuBXTxy2A1MVQHEI4-pXV9ooniXTVTjR3ZJkwtVASR10uQE3Om9ETNz70-L_JIve&sig=Cg0ArKJSzPIDNdRQ5-OQEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/ Frame 214F	23 KB 0	72ms 72ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/abg_lite_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash abb844a2947a8426d39e07812b3f40c45e0bf9b0e3bea812c6f72b263873e5c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9317 x-xss-protection 0 server cafe etag 6512122073717347310 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	window_focus_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/ Frame 214F	3 KB 0	71ms 71ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20240617/r20110914/client/window_focus_fy2021.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 66e9bf446316f6eec5eaefa7098592bbd2144a60eb38c481db233a6ca8b8d94a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:20 GMT content-encoding br x-content-type-options nosniff age 642 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1229 x-xss-protection 0 server cafe etag 16544991220582087243 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 04 Jul 2024 13:35:20 GMT
GET H3	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 214F	211 KB 0	32ms 32ms	Script text/javascript	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash 28e118be8697051a5b807f647dfead93ac3bbcfac672adefda5516e67f8e153c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:35:21 GMT content-encoding br x-content-type-options nosniff age 641 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 66383 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Thu, 20 Jun 2024 14:35:21 GMT
GET H2	200	3790715711142806573 tpc.googlesyndication.com/simgad/ Frame 214F	61 KB 61 KB	84ms 53ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3790715711142806573 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202406170101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2be35b450dfd5de9cd0e103b222c51dcde3765a89b85f0db3db69cc5475fdf9a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers expires Wed, 18 Jun 2025 15:06:12 GMT date Tue, 18 Jun 2024 15:06:12 GMT x-content-type-options nosniff age 167990 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62685 x-xss-protection 0 last-modified Tue, 18 Jun 2024 08:50:20 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET DATA	200 OK	truncated / Frame B045	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 0fe6ad2a5a07935ad96f051a0959724aba6c281f1f1c176d11562bc23e4ce9a1 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame AE64	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 86ef4a7c2ff5994b31fabf7cfc98d509e0f729dee755fc7b8ac71a6d2ff49f3b Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 214F	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2777224a990edd4a4072ef8bc0b0be187c1bb83cee3379ea96f65606118cc941 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/png
GET H3	200	js Show response www.googletagmanager.com/gtag/	266 KB 92 KB	53ms 53ms	Script application/javascript	142.250.181.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-875375440 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f8.1e100.net Software Google Tag Manager / Resource Hash 107a185bde0b52212916f93b54ebb52b583382324c1ffc13929c6eb0ecb05628 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 93696 x-xss-protection 0 last-modified Thu, 20 Jun 2024 12:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Thu, 20 Jun 2024 13:46:02 GMT
GET H2	200	otCenterRounded.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	9 KB 3 KB	58ms 51ms	Fetch application/json	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCenterRounded.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1bc0b181617d553a69d6c20ada9495d7a8efe04ca9f098c965ec0758ba7a114 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 DM4PHT9W62CcH/uxO3iurA== age 24095 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 2612 x-ms-lease-status unlocked last-modified Wed, 12 Jun 2024 01:58:17 GMT server cloudflare etag 0x8DC8A8320F90CDF vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 3f695b16-a01e-0023-27dd-c2fc41000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e6d9939735-FRA
GET H2	200	otPcCenter.json Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	62 KB 15 KB	57ms 50ms	Fetch application/json	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otPcCenter.json Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash efc69d4464af1d588f4acd82f8826658ae319ba867637e2a16e5b7855ebe702f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT content-md5 +J6r+ZMlT64N8+72muQSuw== age 25143 strict-transport-security max-age=31536000; includeSubDomains; preload content-length 14987 x-ms-lease-status unlocked last-modified Wed, 12 Jun 2024 01:58:17 GMT server cloudflare etag 0x8DC8A8320DD2482 vary Accept-Encoding content-type application/json access-control-allow-origin * x-ms-request-id 16454677-f01e-003b-3ddd-c2d1d4000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33e6d9959735-FRA
GET H2	200	otCommonStyles.css Show response cdn.cookielaw.org/scripttemplates/202405.2.0/assets/	24 KB 4 KB	58ms 52ms	Fetch text/css	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.cookielaw.org/scripttemplates/202405.2.0/assets/otCommonStyles.css Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c52550189ad7a781a37919af639c2d6a786821aad8b982daa6a54af46817b8fa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:02 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 9eusssrwoAzVOVsIadvhfQ== age 25143 x-ms-lease-status unlocked last-modified Wed, 12 Jun 2024 01:58:29 GMT server cloudflare vary Accept-Encoding content-type text/css access-control-allow-origin * x-ms-request-id 4f07ea94-e01e-00a7-73dd-c2aa69000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 896c33e6d9979735-FRA
GET H2	200	adsct t.co/i/	43 B 376 B	350ms 202ms	Image image/gif	93.184.221.165 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://t.co/i/adsct?bci=1&eci=1&event_id=178563a3-8259-4d4c-b8b8-a7d47c3d0827&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=788d448b-6b94-46d2-a029-726442e2d209&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.30 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 93.184.221.165 London, United Kingdom, ASN15133 (EDGECAST, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 179 date Thu, 20 Jun 2024 13:46:02 GMT strict-transport-security max-age=0 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id 9e9848b4c505a33c cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 82f7f383c6cb24159fa1508454f317472ef406ea30c6b2aab9a801357db8feb1 content-length 43
GET H2	200	adsct analytics.twitter.com/i/	43 B 395 B	274ms 127ms	Image image/gif	104.244.42.67 TWITTER
General Check archive.org Show headers Download Go to Show image Full URL https://analytics.twitter.com/i/adsct?bci=1&eci=1&event_id=178563a3-8259-4d4c-b8b8-a7d47c3d0827&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=788d448b-6b94-46d2-a029-726442e2d209&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.30 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.67 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-response-time 110 date Thu, 20 Jun 2024 13:46:01 GMT strict-transport-security max-age=631138519 server tsa_o content-type image/gif;charset=utf-8 x-transaction-id d658bcb2d9f412e8 cache-control no-cache, no-store, max-age=0 perf 7402827104 x-connection-hash 7731f08f4fd851c01b57f9c1f0994f738ae931fe88ef6c65bfa5fc59642267a6 content-length 43
GET H2	200	utsync.ashx Show response ml314.com/	62 B 254 B	81ms 68ms	Script application/javascript	34.117.77.79 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81370&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&pv=1718891162700_gjol4kl1p&bl=de-de&cb=1810296&return=&ht=&d=&dc=&si=1718891162700_gjol4kl1p&cid=&s=1600x1200&rp=&v=2.7.3.180 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 79.77.117.34.bc.googleusercontent.com Software Google Frontend / Resource Hash 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:02 GMT via 1.1 google, 1.1 google server Google Frontend content-type application/javascript p3p CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA" cache-control no-cache, no-store, must-revalidate alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires 0
GET H/1.1	200 OK	ud.ashx Show response in.ml314.com/	20 B 482 B	618ms 178ms	Script application/javascript	52.87.118.60 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://in.ml314.com/ud.ashx?topiclimit=&cb=2052024&v=2.7.3.180 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.87.118.60 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-87-118-60.compute-1.amazonaws.com Software Microsoft-IIS/10.0 / ASP.NET Resource Hash d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers Date Thu, 20 Jun 2024 13:46:02 GMT Content-Encoding gzip Server Microsoft-IIS/10.0 X-AspNet-Version 4.0.30319 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript; charset=utf-8 Cache-Control public Connection keep-alive Content-Length 138 Expires Fri, 21 Jun 2024 13:46:03 GMT
GET H3	200	/ Show response www.googleadservices.com/pagead/conversion/875375440/	3 KB 2 KB	163ms 71ms	Script text/javascript	142.250.181.226 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion/875375440/?random=1718891162722&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.181.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s56-in-f2.1e100.net Software cafe / Resource Hash ab381b91c81491eda44754b87f9a38fa218523d066617a7738f925dfdc850065 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:02 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1707 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	580638648955413 Show response connect.facebook.net/signals/config/	69 KB 14 KB	68ms 20ms	Script application/x-javascript	2a03:2880:f084:105:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/580638648955413?v=2.9.158&r=stable&domain=www.infosecurity-magazine.com&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 22a234c567c1697a6776eb8627119e23ff3157e4474859bd35660c3cbb719c11 Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers content-security-policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script'; content-encoding gzip x-content-type-options nosniff strict-transport-security max-age=31536000; preload; includeSubDomains date Thu, 20 Jun 2024 13:46:02 GMT document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 14488 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=19, rtx=0, c=64, mss=1297, tbw=63583, tp=-1, tpl=-1, uplat=0, ullat=-1 pragma public x-fb-debug 9WGCkX/HQaCDkfWgDHjITBvrIoyqsSs/dHPLx8U2rZOy1fDtJykaFjhJkdlNjZIRZzOhWXM7hWEhdXG5bqGfwQ== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type application/x-javascript; charset=utf-8 x-frame-options DENY origin-agent-cluster ?0 cache-control public, max-age=1200 permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" timing-allow-origin * expires Sat, 01 Jan 2000 00:00:00 GMT
POST H2	204	collect region1.analytics.google.com/g/	0 255 B	110ms 27ms	Ping text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.analytics.google.com/g/collect?v=2&tid=G-8VSXE5KKGM&gtm=45je46h0v898772242z878347448za200zb78347448&_p=1718891162201&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=1527867068.1718891162&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718891162&sct=1&seg=0&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&dt=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&en=page_view&_fv=1&_ss=1&tfd=1228&_z=sendBeacon Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	collect stats.g.doubleclick.net/g/	0 264 B	110ms 28ms	Ping text/plain	2a00:1450:400c:c0b::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VSXE5KKGM&cid=1527867068.1718891162&gtm=45je46h0v898772242z878347448za200zb78347448&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0b::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:02 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.infosecurity-magazine.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 408 B	115ms 43ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8VSXE5KKGM&cid=1527867068.1718891162&gtm=45je46h0v898772242z878347448za200zb78347448&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1879016819 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:02 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame AE64	0 0	179ms 178ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsucXtJ2_nONV9W0SN6XQhv5rXQjyh8lhQpMftt_kSirFGeT3b0-4PNys_0RLoEEXYgN4WJ18WorPm-8Msh9S4NnY9m8VJxcfrP9YlFM4aToLRb4_EnHFvY8YfUBC33asgnvpULvnYHilLy8zuRcDFufywBjHiSaj_9G6kts7-EvimjDnLj-GTFJBJsX9hFpE69sYu-tBJJPEVT8QPidNkDKTmLPN6vtA-0tlyWtUxmLYEbrlVDElJn04q3kYBVAJLdZq6pEzEjjDpIi5i0TyZCxfsJKA4LREhCbxOKrR2KKIl3Wy31jGcC7oNUL2gsqhhcLAmj2GKmaqhkrH2zdPTiHIlHYrpnUox0dp-ktY_EoJdPvmm2GrTCRkcjN9xx0Za_lxxqDtLDYR2IIl8Yezr1r3mzd8XMHIjT7bD3hSr3YaKt94-ho77V2Kae5k3U&sig=Cg0ArKJSzP9Ik8i8ABF6EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AE64	0 0	172ms 171ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame 214F	0 0	187ms 184ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstVyrOtUqa_oKR1QJFqOxsVOIoVdHYqxoB8hcyKl0_w3HS4PuQADgyDDik6BpzwUrtMkEeJBAvixcQ_9jujpnezVgKE46zKN7E_usQrWNU3RmNDxmv9VrY49LgmFjwc0l-udJz9ZLPf_1yN_yU0wN4zjUOP_mS2PTSyqdeFQTF3re8yfTfTSr8s6YClj7-H-_XdxGlNAq3wsUlcpnlOEdb4-msAgvz5e3Cus75h086Q2s3rbeV7CNgC3CZ6xELp3RbVO25Py-K74GV6lD8Wpv9jUXjO2pm8Xint7l1EhoU-7VI8z007PfNxmoFopx9BiLvai1vIziZtRGBZlxUBW408-J2ETYAcF6xYVwEE6gRr6mahcuxlBtxeuXLBv3LKJaoBRKl-BBZ6QGjPVrniFBAFo5rZNidGxA2PS3WzEmFldGfzSlAN5WEnanoh2rs&sig=Cg0ArKJSzM1HL4AlaJtqEAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 214F	0 0	281ms 171ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view pagead2.googlesyndication.com/pcs/ Frame B045	0 0	176ms 174ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsteEhihN_GxB8x4EoUD8E4ua5jswz0BXDG7YApYHIYv9ItICO2xwIYqT0aCqBi-nU0hTAKLpPTyv346gYIaprn4x3eT3I2jn0PfhHrtCvhehX_4ms46uRDGxP0ZDMjYJsBLWRv9IawIpIe850kkFgeoTQUp3zoaShsYZZUPj67Bpezz1A-VNwEaKU34w7QetO9vQVQq_eFu3hxwkoWdGG7My8JhdHNZjtY8ugaBKUORzJMww8Xdy1TtWtMl-Dyik9S-ekucSJGItBNETUD8QrK4OOe9ndTl3nrJFvT1bQ1BHmElmISUwt1jOXWsrNzv9C4IMsw9ZjuqO40EcJpR-HXVMkWE5r2F0ex3A7EmFQ7rQ3mOv264a5dQLKhI52uPidfHLrCWfcNUWjk9dMRWx0YU_XJeILn1WtUduOTNxNW5l7LKTwgJLZY4umswf9o&sig=Cg0ArKJSzB_exeFuNqR9EAE&uach_m=%5BUACH%5D&adurl= Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B045	0 0	385ms 170ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWgD Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:03 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	/ Show response px.ads.linkedin.com/wa/	0 847 B	300ms 202ms	XHR text/plain	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/wa/ Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Accept * Referer sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: 6C3BBEA7D22D47D481EF6C0D536235F4 Ref B: DUS30EDGE0709 Ref C: 2024-06-20T13:46:03Z linkedin-action 1 vary Origin report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-fabric prod-ltx1 access-control-allow-origin https://www.infosecurity-magazine.com x-cache CONFIG_NOCACHE x-li-proto http/2 access-control-allow-credentials true x-li-uuid AAYbUokyXztpkhtLgwdQvg==
GET H2	200	attribution_trigger Show response px.ads.linkedin.com/	2 B 811 B	243ms 183ms	XHR application/json	2620:1ec:21::14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://px.ads.linkedin.com/attribution_trigger?pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Accept * Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:02 GMT content-encoding gzip x-li-pop afd-prod-ltx1-x x-msedge-ref Ref A: BA713E293A1246C5A97082F7F2A88396 Ref B: FRAEDGE1414 Ref C: 2024-06-20T13:46:03Z access-control-allow-methods GET, OPTIONS x-li-fabric prod-ltx1 access-control-allow-origin * x-cache CONFIG_NOCACHE content-type application/json x-li-proto http/2 x-restli-protocol-version 1.0.0 access-control-allow-headers * x-li-uuid AAYbUokyOMSlGpR6xcwFOg== x-fs-uuid 00061b52893238c4a51a947ac5cc053a
GET H2	200	collect px4.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2 https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2&e_ipv6=AQLiQqSK...	0 265 B	260ms 163ms	Image application/javascript	13.107.43.14 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2&e_ipv6=AQLiQqSKl2O-zQAAAZA15a6esUFifW6UYw3FW5jR4La-YkigJyYKG5FyQrZ_KJ1_x4N-ecOzKlC8 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Server 13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Thu, 20 Jun 2024 13:46:03 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: A4A88D3837C24196B7DC18BAF975133F Ref B: VIEEDGE2116 Ref C: 2024-06-20T13:46:03Z linkedin-action 1 x-cache CONFIG_NOCACHE content-type application/javascript x-li-fabric prod-lva1 x-li-proto http/2 content-length 0 x-li-uuid AAYbUok1uI8c5XBCIZfWCA== Redirect headers date Thu, 20 Jun 2024 13:46:03 GMT x-li-pop afd-prod-lva1-x x-msedge-ref Ref A: 9974E1604E3841DFA0E178C8C75AD2F2 Ref B: DUS30EDGE0709 Ref C: 2024-06-20T13:46:03Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lva1 location https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1718891163162&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&tm=gtmv2&e_ipv6=AQLiQqSKl2O-zQAAAZA15a6esUFifW6UYw3FW5jR4La-YkigJyYKG5FyQrZ_KJ1_x4N-ecOzKlC8 x-li-proto http/2 content-length 0 x-li-uuid AAYbUokx1ZcP6T4C+Glhjg==
GET H2	200	/ www.facebook.com/tr/	0 274 B	85ms 18ms	Image text/plain	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&rl=&if=false&ts=1718891163266&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718891163262.716743495387605011&cs_est=true&ler=empty&cdl=API_unavailable&it=1718891162766&coo=false&rqm=GET Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-fb-connection-quality EXCELLENT; q=0.9, rtt=17, rtx=0, c=10, mss=1297, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=0 strict-transport-security max-age=31536000; includeSubDomains date Thu, 20 Jun 2024 13:46:03 GMT server proxygen-bolt content-type text/plain access-control-allow-origin access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 0
GET H2	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 3 KB	272ms 206ms	Image image/png	2a03:2880:f177:185:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&rl=&if=false&ts=1718891163266&sw=1600&sh=1200&v=2.9.158&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1718891163262.716743495387605011&cs_est=true&ler=empty&cdl=API_unavailable&it=1718891162766&coo=false&rqm=FGET Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers attribution-reporting-register-trigger {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xc7d50ac3d5c94cbd","source_keys":["1","2"]},{"key_piece":"0x5e0ab21bbeef91f2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}} content-encoding zstd x-content-type-options nosniff content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; strict-transport-security max-age=15552000; preload document-policy force-load-at-top date Thu, 20 Jun 2024 13:46:03 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-xss-protection 0 reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7382581330673305488", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" x-fb-connection-quality EXCELLENT; q=0.9, rtt=17, rtx=0, c=12, mss=1297, tbw=3127, tp=-1, tpl=-1, uplat=186, ullat=0 pragma no-cache x-fb-debug /Apj69EQ31MhP/8eq6akKzpUmoDRDwOkgPz9ulDnNfW5sWpft1k4XjXHdIAJfWcJQIlrbo4tguhewSOE6CYNmw== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups;report-to="coop_report" vary Accept-Encoding report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7382581330673305488"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} content-type image/png x-frame-options DENY origin-agent-cluster ?0 cache-control private, no-store, no-cache, must-revalidate permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-conversion/875375440/ Redirect Chain https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l... https://www.google.com/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypha... https://www.google.de/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham...	42 B 154 B	34ms 33ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIp9etyajqhgMV8k0eAh2u5QVwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooLhh4ktBGmHE2Gb9KIJkMv2Ha7kncqew&eitems=ChAI8KbPswYQ8bDdmeCCqL9QEh0AfvvZtCHRGvdBZEPuLip8pf2JOKl38XIJJvLCcw&random=1263642732&ipr=y Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:03 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Thu, 20 Jun 2024 13:46:03 GMT content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://www.google.de/pagead/1p-conversion/875375440/?random=99534417&cv=11&fst=1718891162722&bg=ffffff&guid=ON&async=1&gtm=45be46h0v892578457z878347448za201zb78347448&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Fquishing-chinese-citizens-qr-code%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Quishing%20Campaign%20Targets%20Chinese%20Citizens%20via%20Fake%20Official%20Documents%20-%20Infosecurity%20Magazine&value=0&npa=1&pscdl=noapi&auid=948257336.1718891162&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.114%7CGoogle%2520Chrome%3B126.0.6478.114&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECShV0cmlnZ2VyLCBldmVudC1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIp9etyajqhgMV8k0eAh2u5QVwMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwDaQooLhh4ktBGmHE2Gb9KIJkMv2Ha7kncqew&eitems=ChAI8KbPswYQ8bDdmeCCqL9QEh0AfvvZtCHRGvdBZEPuLip8pf2JOKl38XIJJvLCcw&random=1263642732&ipr=y content-type image/gif cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	ping pagead2.googlesyndication.com/pagead/	0 0	172ms 171ms	Fetch text/html	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/ping?e=1 Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software / Resource Hash Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-platform "Win32" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers
GET H2	200	nr-spa-1216.min.js Show response js-agent.newrelic.com/	49 KB 19 KB	64ms 21ms	Script application/javascript	2602:816:5001::39 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js-agent.newrelic.com/nr-spa-1216.min.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2602:816:5001::39 , United States, ASN54113 (FASTLY, US), Reverse DNS Software AmazonS3 / Resource Hash 545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe Security Headers Name Value Strict-Transport-Security max-age=300 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-amz-version-id MElzWumrf8lREc3kORDlSWHVtEZAK4m8 content-encoding br via 1.1 varnish date Thu, 20 Jun 2024 13:46:03 GMT strict-transport-security max-age=300 x-amz-request-id 4WAKW8KHFEZSZ8FD x-amz-server-side-encryption AES256 x-cache HIT cross-origin-resource-policy cross-origin content-length 19141 x-amz-id-2 Qx4nj4BQcwfB1hAlQ26UIo8vaFMwk7wAE8D/AZe2Skw2NsWAlK/DXes8RcePnYVLHcg7pQTZxqs= x-served-by cache-fra-eddf8230035-FRA last-modified Wed, 18 Oct 2023 21:31:16 GMT server AmazonS3 etag "63e2df852d15ab21d7ff8fc4363222e8" vary Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400 accept-ranges bytes x-cache-hits 10537
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	17 KB 12 KB	75ms 75ms	XHR application/json	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202406170101&st=env Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash f5236954b1dc7123f17f14ce9b426a6f591293e45fed77d742806832c0ebb4cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12774 x-xss-protection 0
GET H2	200	RX_Logo_-_primary_logo_for_everyday_use.png cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/	51 KB 51 KB	37ms 37ms	Image image/png	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/RX_Logo_-_primary_logo_for_everyday_use.png Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-md5 yxwPB4FKahj/CgrZY2+Gbg== age 56453 content-length 52319 x-ms-lease-status unlocked last-modified Mon, 02 Aug 2021 09:46:17 GMT server cloudflare etag 0x8D9559A5FD49D88 vary Accept-Encoding content-type image/png access-control-allow-origin * x-ms-request-id 1174c535-401e-004c-1219-15a9b3000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 accept-ranges bytes cf-ray 896c33ecce554d32-FRA
GET H2	200	powered_by_logo.svg cdn.cookielaw.org/logos/static/	5 KB 2 KB	46ms 46ms	Image image/svg+xml	2606:4700::6813:b234 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.cookielaw.org/logos/static/powered_by_logo.svg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6813:b234 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers x-ms-blob-type BlockBlob date Thu, 20 Jun 2024 13:46:03 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT content-encoding gzip content-md5 Y+c301RBZNK39PvKQWrIBw== age 33248 x-ms-lease-status unlocked last-modified Wed, 19 Jun 2024 02:33:19 GMT server cloudflare vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id 480ded1d-901e-00e7-6e7b-c28387000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control max-age=86400 x-ms-version 2009-09-19 cf-ray 896c33ecce5a4d32-FRA
GET H2	200	favicon.ico www.infosecurity-magazine.com/	15 KB 17 KB	25ms 24ms	Other image/x-icon	13.32.99.111 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.infosecurity-magazine.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.99.111 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-99-111.fra60.r.cloudfront.net Software RX / Resource Hash 298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf Security Headers Name Value Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 05:07:29 GMT content-security-policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content x-content-type-options nosniff via 1.1 5492e1c9a06f2320204e7fcc383cff5c.cloudfront.net (CloudFront) x-amz-cf-pop FRA60-P3 age 31114 x-cache Hit from cloudfront content-length 15406 x-xss-protection 1; mode=block x-ua-compatible IE=Edge referrer-policy same-origin last-modified Thu, 03 Aug 2023 12:59:01 GMT server RX etag "c9436846ac6d91:0" x-frame-options SAMEORIGIN access-control-allow-methods * content-type image/x-icon feature-policy accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none' permissions-policy accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=() accept-ranges bytes access-control-allow-headers Content-Type x-amz-cf-id DaZ9bHhyUVcsNbOtEOFkFDdtES2-Pue1jhnGNe7q-r2IzyT_wnTI5w==
GET H/1.1	200	NRJS-70b3f9b2c6f17cc4471 Show response bam.eu01.nr-data.net/1/	79 B 634 B	2147ms 33ms	Script text/javascript	185.221.87.23 FASTLY
General Check archive.org Show headers Download Go to Full URL https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=241052313&v=1216.487a282&to=MhBSZQoZXxEDUkdRWQtacWIoV0UHD0FfWUIABh9GHRpBAwVUHVlFFQ0%3D&rst=2041&ck=1&ref=https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/&ap=13&be=144&fe=1967&dc=608&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1718891161653,%22n%22:0,%22f%22:1,%22dn%22:10,%22dne%22:10,%22c%22:10,%22s%22:29,%22ce%22:52,%22rq%22:52,%22rp%22:117,%22rpe%22:119,%22dl%22:122,%22di%22:608,%22ds%22:608,%22de%22:609,%22dc%22:1967,%22l%22:1967,%22le%22:1986%7D,%22navigation%22:%7B%7D%7D&fp=644&fcp=644&jsonp=NREUM.setToken Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 185.221.87.23 , Ireland, ASN54113 (FASTLY, US), Reverse DNS Software istio-envoy / Resource Hash 0c909725b0ea7da9994f16e47a4142783410c5aa25cdd7770f85dc61eb8a170c Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:05 GMT server istio-envoy access-control-allow-methods GET, POST, PUT, HEAD, OPTIONS content-type text/javascript access-control-allow-origin * access-control-expose-headers Date access-control-allow-credentials true x-envoy-upstream-service-time 2 cross-origin-resource-policy cross-origin Connection keep-alive timing-allow-origin * Content-Length 79 x-served-by cache-fra-eddf8230045-FRA
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	113ms 112ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Thu, 20 Jun 2024 13:46:03 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Thu, 20 Jun 2024 13:46:03 GMT
GET H2	200	runner.html tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0E6	0 0	1952ms 19ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: www.infosecurity-magazine.com URL: https://www.infosecurity-magazine.com/news/quishing-chinese-citizens-qr-code/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers accept-ranges bytes age 624 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 20 Jun 2024 13:35:41 GMT expires Fri, 20 Jun 2025 13:35:41 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 214F	42 B 65 B	1914ms 1914ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDt95_yCtOc9AmzOR2SXM8RYanmdSde94GsUM31ZFV4MgkWhsDviSNROnWaRSSsmJ0v3JriwAw-uvVmArHbCIIllz8sNxRD6_Bzj7RX-hLPsz_JhatGZbJ70kIvV4MMe-DvvejXaFCqTdXhFbXg5qvITonrtY4FxtuR8j5GL8e5Ck&sig=Cg0ArKJSzI66SGqRKgttEAE&id=lidar2&mcvt=1000&p=809,1046,1059,1346&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=972446744&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1482396200&rst=1718891162595&rpt=432&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:05 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame AE64	42 B 65 B	1914ms 1913ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudRKpubMt_xWNwJTgg9qrv4jp96_SazuYxGWBwqXqjB5utv-Sgyd4sU6A__Oid8LIKUGwlpydDuGboz1YaHBloMkQVzY82qU72Ir2hHkd51wg7iTeo63Hc1QJ_llWCATOIywNtlbOTHb13hwN-5EwLFCL-LXrLldnKUsin-BEvbO0&sig=Cg0ArKJSzPP3aVVxdsKpEAE&id=lidar2&mcvt=1002&p=8,436,98,1164&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3372136122&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1482396200&rst=1718891162579&rpt=381&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:05 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B045	42 B 65 B	1813ms 1813ms	Fetch image/gif	142.250.185.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEuH7hqfN7if5Z9cryHCeNMU9ynIhkjpmJRixY4GNnqjaJNhyI_D8XhwFbJJv6ljC21XsXQ1cobntlKSD6n116UKE7qSwz2W0eh2TCAb1Gu1OksnBvU7qwSwBKCXgCauIJumV-6i9X-vYrfUa4FFk9PIBxFOwDGBvnrzitCntkGaA&sig=Cg0ArKJSzKag8uKuG92vEAE&id=lidar2&mcvt=1000&p=1102,436,1192,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240617&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1705559786&rs=4&la=0&cr=0&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTE0IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjExNCJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTE0Il1dLDBd&vs=4&r=v&co=1482396300&rst=1718891162546&rpt=551&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s52-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers sec-ch-ua "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126" Referer Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers pragma no-cache date Thu, 20 Jun 2024 13:46:05 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		sodar pagead2.googlesyndication.com/pagead/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202406170101&jk=2385191182295390&bg=!ISKlIm3NAAb64txl2uI7ADQBe5WfOJ_QV3ghmv51QlQfG-8HFZy1OIzzuiBH1-ojQ0oc2b74n2eibxfVBplHXJ8ZEsYnAgAAAGBSAAAABWgBB34ANpx8mDuIb3Y6ypOM9GI2IziSxXDzRtXi_MY5BHZ6QQE_LKmLdxH_1wJSBsVjoqQaXJTjYXfog5kC2SSsDNTyEdeslAluIHg7Dl4UPUflJeiMXrW_9aAd_1w21sdNPKP_37_uABASdtTzosZ7WrK3YWgtCZc2wjuk1vhMcmdmolbFPY0_jqJt4ygpNURD_q0a_Cbq2n7eLnYSi0yqkPnePgP4WLKuhlhKleloThM1oitWxP-kUnZydqNk09p-yv_wmcnnsXvWYhYvmOwaqXsJ03GvXZawV2dNLSyhe5znac9vBY9CTNdguCi8LT34XmKPNeCj4546j1wGwz6FroKOSNiiWQUuzqAKySIygAirR-5wG0fPO1E1_TP0nBpZlcSOSCtpLR3BheDv8zHVO225Ropiy-X1e-WfMwUX9QDePAhGAoe0y405s19b_XnYnTxb9uc9yBy7htnP33LinT4i1vdfkoUTXAJxjiVHqoofVXcTwwVtsHsUX2LSRpQijBRfJBXVhPOKha1OnHKBFJYeIpGuiZGh_cJxEuo_8x74y50ia2itpjPvlAVyl1uOFurm1xqJgyX2KMEn79dX6MaXpzB73KgVP-H28yEX8wjdGNgnr3WQS4a06I64CG_4wGL6ZtEGTApJU7iLvYL8hVIDP6ntOtMiRbe2HNapf5q_FrNqk88BHa2bRnusgnVz5h8fwbe7Yykd8AigGQ_Ku9yyNCnY_aW-YUvCK72hKH6otDtbmh05s9oW4ohFVpxVNQO9goND7Twa396vpLd-JWwQ6s_00PJZ5OHDahXjqovOvO43NNYcIhMcELwJc7UFVsevqCk53UHT6Yvuxxh6hSOPfz51r8WnmdXcwKCYHzIvpFprgzWXKh5crt-nq4Dz506n1VPoe6tqwwjgd2H35yKJBedtbcza5dYfmDCB_1DDlMbF3otgg8BaNs_XQqOGsAzitr4Eqi6xioRw3zbeI7PxhOxJ13HQ4RISSi9zwXyzXKCZbGwrtxVtdQo2k_oD2z1yCyGOJNU3WK0hXQSoteTkJ5RMBg