www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Submission: On August 07 via api (August 7th 2020, 10:16:42 pm UTC) from US

Summary HTTP 224 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 30 IPs in 6 countries across 23 domains to perform 224 HTTP transactions. The main IP is 2a04:4e42:1b::444, located in Ascension Island and belongs to FASTLY, US. The main domain is www.zdnet.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on January 24th 2020. Valid for: a year.

This is the only time www.zdnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2a04:4e42:1b:... 2a04:4e42:1b::444	54113 (FASTLY) (FASTLY)
6	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
5	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
20	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1	151.101.1.188 151.101.1.188	54113 (FASTLY) (FASTLY)
1	34.102.213.242 34.102.213.242	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:815::2002	15169 (GOOGLE) (GOOGLE)
51	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a04:4e42:1b:... 2a04:4e42:1b::645	54113 (FASTLY) (FASTLY)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
1	35.177.118.109 35.177.118.109	16509 (AMAZON-02) (AMAZON-02)
2	3.9.96.171 3.9.96.171	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
2	162.247.242.20 162.247.242.20	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
4	2.16.177.50 2.16.177.50	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
2	104.111.215.35 104.111.215.35	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
24	2.21.38.40 2.21.38.40	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.201.72 143.204.201.72	16509 (AMAZON-02) (AMAZON-02)
8	52.201.164.192 52.201.164.192	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
224	30

31 2a04:4e42:1b::444 (Ascension Island)

ASN54113 (FASTLY, US)

www.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet2.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet3.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet1.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zdnet4.cbsistatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6852bd11.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.188 (United States)

ASN54113 (FASTLY, US)

at.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.213.242 (United States)

ASN15169 (GOOGLE, US)
PTR: 242.213.102.34.bc.googleusercontent.com

urs.zdnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:816::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:815::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::645 (Ascension Island)

ASN54113 (FASTLY, US)

vidtech.cbsinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.177.118.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-118-109.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.9.96.171 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com

geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.242.20 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-8.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.16.177.50 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-50.deploy.static.akamaitechnologies.com

clipcentric-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s20-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.35 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-35.deploy.static.akamaitechnologies.com

rev.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2.21.38.40 (France)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-21-38-40.deploy.static.akamaitechnologies.com

cbsdfp5832910442.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.201.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-201-72.fra53.r.cloudfront.net

ad.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.201.164.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-164-192.compute-1.amazonaws.com

tr.clipcentric.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	moatads.com z.moatads.com mb.moatads.com geo.moatads.com px.moatads.com	1 MB
29	googlesyndication.com 9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com	334 KB
27	cbsistatic.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com zdnet1.cbsistatic.com zdnet4.cbsistatic.com	716 KB
25	doubleclick.net securepubads.g.doubleclick.net googleads4.g.doubleclick.net googleads.g.doubleclick.net	256 KB
24	moatpixel.com cbsdfp5832910442.s.moatpixel.com	10 KB
12	googletagservices.com www.googletagservices.com	320 KB
9	clipcentric.com ad.clipcentric.com tr.clipcentric.com	1 KB
6	cookielaw.org cdn.cookielaw.org	111 KB
5	ampproject.org cdn.ampproject.org	108 KB
4	2mdn.net s0.2mdn.net	115 KB
4	akamaihd.net clipcentric-a.akamaihd.net	111 KB
4	cbsi.com production-cmp.isgprivacy.cbsi.com at.cbsi.com rev.cbsi.com	19 KB
4	zdnet.com www.zdnet.com urs.zdnet.com	201 KB
3	fastly.net confiant-integrations.global.ssl.fastly.net	99 KB
3	google.com 1 redirects adservice.google.com www.google.com	383 B
3	go-mpulse.net c.go-mpulse.net	53 KB
2	nr-data.net bam.nr-data.net	455 B
2	akstat.io 6852bd11.akstat.io	555 B
1	google.de adservice.google.de	316 B
1	newrelic.com js-agent.newrelic.com	10 KB
1	cbsinteractive.com vidtech.cbsinteractive.com	281 KB
1	google.be adservice.google.be	168 B
1	onetrust.com geolocation.onetrust.com	515 B
224	23

	Domain	Requested by
41	px.moatads.com	www.zdnet.com
24	cbsdfp5832910442.s.moatpixel.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.zdnet.com tpc.googlesyndication.com cdn.ampproject.org
20	securepubads.g.doubleclick.net	zdnet3.cbsistatic.com securepubads.g.doubleclick.net www.zdnet.com www.googletagservices.com
12	www.googletagservices.com	www.zdnet.com securepubads.g.doubleclick.net rev.cbsi.com
11	zdnet3.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com zdnet3.cbsistatic.com
10	z.moatads.com	zdnet3.cbsistatic.com www.zdnet.com securepubads.g.doubleclick.net
8	tr.clipcentric.com	www.zdnet.com
8	zdnet2.cbsistatic.com	www.zdnet.com
7	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
6	cdn.cookielaw.org	www.zdnet.com cdn.cookielaw.org
5	cdn.ampproject.org	confiant-integrations.global.ssl.fastly.net
5	zdnet1.cbsistatic.com	www.zdnet.com zdnet2.cbsistatic.com
4	s0.2mdn.net	www.zdnet.com
4	googleads4.g.doubleclick.net	www.zdnet.com
4	clipcentric-a.akamaihd.net	www.zdnet.com
3	confiant-integrations.global.ssl.fastly.net	zdnet3.cbsistatic.com confiant-integrations.global.ssl.fastly.net
3	zdnet4.cbsistatic.com	zdnet2.cbsistatic.com zdnet3.cbsistatic.com
3	c.go-mpulse.net	www.zdnet.com c.go-mpulse.net zdnet1.cbsistatic.com
3	www.zdnet.com	zdnet3.cbsistatic.com
2	rev.cbsi.com	www.zdnet.com
2	bam.nr-data.net	js-agent.newrelic.com
2	6852bd11.akstat.io	zdnet1.cbsistatic.com c.go-mpulse.net
2	geo.moatads.com	z.moatads.com
2	adservice.google.com	securepubads.g.doubleclick.net
1	3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net
1	www.google.com	1 redirects
1	ad.clipcentric.com	clipcentric-a.akamaihd.net
1	js-agent.newrelic.com	www.zdnet.com
1	mb.moatads.com	z.moatads.com
1	9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	vidtech.cbsinteractive.com	zdnet2.cbsistatic.com
1	adservice.google.be	securepubads.g.doubleclick.net
1	urs.zdnet.com	zdnet2.cbsistatic.com
1	at.cbsi.com	zdnet3.cbsistatic.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	production-cmp.isgprivacy.cbsi.com	www.zdnet.com
224	39

This site contains links to these domains. Also see Links.

Domain
www.zdnet.com.cn
www.zdnet.fr
www.zdnet.de
www.zdnet.co.kr
japan.zdnet.com
www.techrepublic.com
downloads.zdnet.com
www.youtube.com
www.cnet.com
blog.malwarebytes.com
www.fortinet.com
cbsi.force.com
www.cbsinteractive.com
www.facebook.com
twitter.com
www.linkedin.com
legalterms.cbsinteractive.com
narratives.zdnet.com
ca.privacy.cbs
cbsi.secure.force.com
academy.zdnet.com
privacy.cbs
onetrust.com

Subject Issuer	Validity	Valid
*.zdnet.com DigiCert SHA2 High Assurance Server CA	`2020-01-24` - `2021-06-18`	a year	crt.sh
*.cbsistatic.com DigiCert SHA2 High Assurance Server CA	`2019-02-22` - `2021-02-26`	2 years	crt.sh
sni9451gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-07` - `2021-05-12`	a year	crt.sh
*.isgprivacy.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-10-14`	2 years	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.onetrust.com DigiCert SHA2 Secure Server CA	`2020-05-21` - `2022-07-27`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.at.cbsi.com DigiCert SHA2 High Assurance Server CA	`2019-12-17` - `2021-12-21`	2 years	crt.sh
*.google.be GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
vidtech.cbsinteractive.com DigiCert SHA2 High Assurance Server CA	`2018-12-13` - `2020-12-17`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
*.moatads.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2021-06-10`	2 years	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-07-22` - `2021-05-07`	10 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
aka.clipcentric.com Let's Encrypt Authority X3	`2020-07-18` - `2020-10-16`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
www.cbs.com GeoTrust RSA CA 2018	`2020-07-08` - `2021-08-07`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh
clipcentric.com Amazon	`2020-03-05` - `2021-04-05`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-07-15` - `2020-10-07`	3 months	crt.sh

This page contains 21 frames:

Primary Page: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Frame ID: 65A3D6FC155435024B15E66F3978F083
Requests: 138 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Frame ID: 5D35EA233CE0D56B5D809241A98A946D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJGqLGE-W3wVVRlUNITIsAXbzd-xgvEUmjYuxjTu5dqqlSYkfcsd4sOXU80T__SoThNuIsrWYS5mWGx79SiLBSsQo7aIIo7VfGciTIfaFhJm4p_WTnxqsmWx26X9h5md8F38He_RVTCwtZlxOASNMqy98P76zUAeY6T7xJ8pyCDDWbQ85M50Gk0JVWkevtvQ_DuFzGlfO3GrkqmNeg6o7tmrIoxBx8E3Y11cr8C6-0L_CQFRoJz2zfc9JOnjl0NoaL8-6yQVVfyOFabw&sai=AMfl-YRCeRlQw04WT0jw80PtTYupeldneLb9LqdzX0D5ovl9WSPVWxfZVjHO8VEinKfmQQbq30ialnICPDidO8zzznYa6lhapphBFIFIQ-55ij9r20L2PREUOND2Ggr1nz4&sig=Cg0ArKJSzOMQ1H2zSfZTEAE&urlfix=1&adurl=
Frame ID: B75DE9A18E6254B94ECE3619C4AA5D49
Requests: 21 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVBlw_mBVcg-88PI7ZqtNqlCAWiSGYPBjgZrs8ihp5qQ5Ud7LISLWkzGe9HMg0GPloNXarfAs3nQGYeR1Kv0iDPo4x4oii-Z-JEr6bpU00OX05ZqFkbfzJQPtHc7T_UmWYUaUGdfH8UfoQqdBVR2RffI0MYkJU2XQH61K427XgeRN9OOG8eEy5FZPfAZGXZ_yPi49f0aj-lUwjnziC4p5tG53K5AsXu2kCLqLR9WkS57wLcHTz7-nRK-wIM4Jb_Dbm_G4VNHo-GoUdm_3vwQPZveHe3vESS5pLkJfZ1BKKhnMV-hHhemRJbUdTp2fTEkp1jigQ1PFE0RSJBU9pN0ZR&sai=AMfl-YSDUniL3uJa2s0p4mD51SA_ezj0POcyjQyFg_HgtUwmy8CoH828183fCWy-w2z30bVLFl5JUr43omVyAHB7dYcai23y0SPyPjhFhHmrZciZriclmJz4pQrH-6QEXQM&sig=Cg0ArKJSzPTYXtR6WtBzEAE&urlfix=1&adurl=
Frame ID: 7367A5F3026301499172884FB125FD1B
Requests: 8 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEKP8urd10B94Wz1F3IcH8EAdSETsCky92CRDjyz0qFAaKyhwPB0EgtFjkFSXHLHoxJCUjkgluSzoE3tva6OQm8ur6inOrd4ZakmcnlDGktxSyUxpqYXxtrZaAvcSbvafSOcsz0oD-JPKuZFkmkyMugD_7LYZRua3YD92JInHOPBngs6aq5NOA3d0oBGBB1MXAo6b__c0QP_iCOjLzJlx91ERM94PJNuokmzuBmcfbSDdOH96J3eLg3t8RxXb3iWiq9qYTVhAmFRSQOZ4IFb1HcFiEORkiK2QUc8GJApqlqwc2-FU-wHczSbbeH7rSRWtDL8m62xEsvK9ttkd-L3s6&sai=AMfl-YQjDZ4giNcutFnLmSANZqu-ebIfQZ9Wczlgp-_2Y2PhDCFIbtgQnNPMg-q4u0zwth5AiR98VpDJB1QuS5ruXH6KHCf66530li0RM3qkyOogRg9HXpaS9aGCx4PgOc0&sig=Cg0ArKJSzIvmCUcpXi57EAE&urlfix=1&adurl=
Frame ID: B0F999C98720BCD1DA11F4A6DC246C2A
Requests: 8 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4a-6sFtmGtVJCcjjeDUylEnX1Fq1VdgL69xSETxsyEpILJ8iatv2NT26u8rEyJAlZfL78huKtdhequ7Fs1eV_8a_ZoJuSzguduY-ev_pHxY_J7W554fkZWFhIhOQsVASS7hTyOCFe5BXEnQMsP8HiQR1Mmx-wSk5D__H2BNTLiLukCzpM4OamDxHHUsex-7JvriDh4KB4UWxDzBYmF-nJq-qdsPuBQfgq_l3k0t6e7t3mTw7jjLSAcEetG4x7h0w0yX-FPDx0xPUkDZDU1RdSNAm2xXd41NoLv-6nXd7ZtV8UfwTWuLnr67Y-IJST9ZMY1ZX2irIs1gnWHe6qlXSV&sai=AMfl-YT-MBTil0l5VZiyGHF5QJjr-HOgqLQoETrFl5JVejfoq_1bHf_1hosxJPccQEyFBtXcM8Tl1FidcdAMh6ArWK2dDH2je5ewnwijWZOAPEKz8kCD6TSkwqnkwbC-wto&sig=Cg0ArKJSzIs8zqScB8NWEAE&urlfix=1&adurl=
Frame ID: E713C3F093721592468006FA5D908C20
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwIk44-lGGPYsOMEXRApC8kLK1DYRYbd59b_T-gooBC5gLU8WKIKXhZ_L67O_zgUdVKPbyrc3tF3UrETRP1gFs4dLdu8UqSjfUBj1MMMd1V2uZx-BYQe4ic8okr4YXvxOnFe1Gtl5fDjyf6UHiL-iIXBkUes5sIBYsHpJ1H-hWoNzMm87YklMy6KTLsIi8N4yMah4kknQALSBGM7je3tBFyEME4CCxy5Oq2drg8wVbsj7Ty0LuVj1zovYzGX1G1JMruwe9AsIT&sai=AMfl-YTUuL5lDuT7q-M2Fa4U8zCLp3vHUShWE8MkNVoXLkt0tXEE88uk1GozHEX0mXorv2jWBfIx-rBRHXkyQOM79eeyffQDNCqD1rBiaPQpTtv2-joJ1F-HtFTP73k4u-0&sig=Cg0ArKJSzLc48gtGYhN6EAE&urlfix=1&adurl=
Frame ID: 927ADF0E43F206B37CA06DC21EA9F593
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNArMjvnSF3fktnparhGy1surSoWFOf2hqk9fD7wuk9GS8-tjqTwZX6tBB8jbHK-o7_1rYtVvPZt4JLK1OfDGoTGxp8hQfO_YRgR5ybVxyl-GkWXXDIvePBa0xGXPQNSU3atVzYp8QqTcSagOdipgWUIbWrhMDribBNnJkJ777_AhVLN5o9_yfORrGsWn2mA7nNluJzLC9MwY5s_6qqKDqiaBRSTfCmP2drO9uQW6LtqRe9sRkYLKOiinVXVAYYRkvfHnrmbIv&sai=AMfl-YRh9Cdh238BUHLvwuTx1o7roDrnh5r32grF4yPMET9_ExudOGONPRWOBaPLEiBugXzYS6NDrCba1sS_g7rcdGqvJ3gcYj6Ig-e4pn_mZ9B84EVVd0BEKe4HtiTuEgU&sig=Cg0ArKJSzLXHD5rQwUs3EAE&urlfix=1&adurl=
Frame ID: B618AEF2C274487EB5C5A85EFB1DBD6C
Requests: 4 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js
Frame ID: 35D96530C6B8BA9B2F9EEAFE49930576
Requests: 14 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9AquGRPwjy-H6lioZ25RGUGAwilpzroLvLqzM29o1ONtcPVfuux618QbWSEi7C7oWLK4exq1x7L1Yh_jeg4UsKcc7Yi3gqcQgP1Lfi0K-9M8J6-gaTwWa_9rhEk1T82r0FBN2W-_KOlmgq5D5C0r78qv58pxP9p50UU3P_Wo4HgygVpI48rzYIdiUJP6eG-QEk0yHtwwAPcasdc1uhY4fp-SQK4bHUmm_BQ5AgYtnw5GppIePyzk9SJvVEj14lk8a2vNRoEMfpM68BNnRooS2CUMtjwi3CnOPyng1dGjChx2aNQLnpuvyz9BsjFORhZ9F5WhmLsD-gynbizXSARL2&sai=AMfl-YRnM4EA-l8AYRHWe3sMZLf0FaUzVNyUSZ162JyLNW8zGPFcGMVAOmgyRIr7Gp1dmV05NrC5TUmR6PBvuAEEcnD3uNfEOF9uDjysXKLQa1040toK2hUqPp576Q3s5Iw&sig=Cg0ArKJSzAFzrVMPqbjvEAE&urlfix=1&adurl=
Frame ID: 28AFD217C9B5E40622BF474517B06D63
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FB62EBA6D6CA22A8552453D4723E237
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 15C14DB1B022FE2A037C439CB80ECEF1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2608A66A6ECE2E4D30337E859CF2DFBE
Requests: 1 HTTP requests in this frame

Frame: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Frame ID: 2E42D6B230FDB38023C6250B429FAD23
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 299D362C496D770EE3BC6647DE16B5B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 0284D997ECFBF28760199273200CBE75
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 84D70F88F2C79C0A72ECDCBB4FC71D8B
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: 4C6175E70D80ED39A252E3C2BEABCA18
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKTpZjSKW84iCW2i_igPz6tzPl2Gbjr6wJxlJtOUGoyGLR2YxFYjoWy2Wli9H49aY9CBHl564hxjztWbXomtdCjQjhwvfHObC5ogKJKri1XSX2Hec-uTl0-2WaMwM79MAnXaHHRG4rh17gAem_DhJL4okV0ma4hYs7Wd3z2q_5-Ua20PXwWxyts3Jnv6wqOuXaWLSSHIhzjHmEVDepEFtXAKIITJolTR1kpmlRVkb5yiFf_aXQsW-PkOqfmdYQLbB-pPnQ9v13&sig=Cg0ArKJSzFv0Yce7A9_8EAE&urlfix=1&adurl=
Frame ID: DD448886DAAB54DAC8ED488832887400
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5jI7HO7j0rtdylLnG50jEk_leByYSMhrtlMtLRAGIG8wj5TropHHe7qXnMp2OggBccSNVtbSWajv1KGeIRIOp0XQIeTdtJ3PkYm6w8sNybyzlzVeHZTa9Tn0z_0rlGuz9BhEEFf1oJl8R_IafV0fRmZc1MyXkXBbaZajotjTUlecsR9K98WJFJFi_aEgLLUqinHoCQffhK78Q_ob0Dh3TT7w-yj01yIZw56iIkIc-mkSF-Q7QILRf-btOx3o_nvPqSa92HOyz&sig=Cg0ArKJSzPxLvkPxje4-EAE&urlfix=1&adurl=
Frame ID: F3C75A2AB6AC6DB515225D6E11ECCE42
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: D8AFB754815102E2890201F68CCAC4A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

224
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

39
Subdomains

30
IPs

6
Countries

3802 kB
Transfer

10408 kB
Size

16
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: http://www.zdnet.com.cn/
Title: ZDNet China

Search URL Search Domain Scan URL

URL: http://www.zdnet.fr/
Title: ZDNet France

Search URL Search Domain Scan URL

URL: http://www.zdnet.de/
Title: ZDNet Germany

Search URL Search Domain Scan URL

URL: http://www.zdnet.co.kr/
Title: ZDNet Korea

Search URL Search Domain Scan URL

URL: http://japan.zdnet.com/
Title: ZDNet Japan

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/resource-library/whitepapers/
Title: White Papers

Search URL Search Domain Scan URL

URL: https://downloads.zdnet.com/
Title: Downloads

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/forums/
Title: TechRepublic Forums

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=92rC4x0D1B0
Title: Phone privacy settings: Securing your iPhone and Android phone (ZDNet YouTube)

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/top-cheap-home-security-devices-in-2020-amazon-echo-smart-cam-wyze/?ftag=CMG-01-10aaa1b
Title: Top 6 cheap home security devices in 2020 (CNET)

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/what-are-it-pros-concerned-about-in-the-new-normal-security-and-flexibility/?ftag=CMG-01-10aaa1b
Title: What are IT pros concerned about in the new normal? (TechRepublic)

Search URL Search Domain Scan URL

URL: https://blog.malwarebytes.com/threat-analysis/2020/08/inter-skimming-kit-used-in-homoglyph-attacks/
Title: homoglyph attack wave

Search URL Search Domain Scan URL

URL: https://www.fortinet.com/blog/threat-research/inter-skimmer-for-all
Title: $1,300 per license

Search URL Search Domain Scan URL

URL: https://www.cnet.com/how-to/browser-privacy-change-these-settings-now-whether-you-use-chrome-safari-or-firefox/?ftag=CMG-01-10aaa1b
Title: Browser privacy: Change these settings now, whether you use Chrome, Safari or Firefox

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/synopsys-survey/?ftag=CMG-01-10aaa1b
Title: Security analysts want more help from developers to improve DevSecOps

Search URL Search Domain Scan URL

URL: http://cbsi.force.com/CBSi/zdnetcommunityfaq
Title: Community Guidelines

Search URL Search Domain Scan URL

URL: http://www.cbsinteractive.com/legal/cbsi/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/highlights
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ZDNet/
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/zdnet
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/zdnet-com
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCr9QWb5RKLfaunjKHJZAdQQ
Title:

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/cookies
Title: Cookies

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/adchoice
Title: Ad Choice

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: http://legalterms.cbsinteractive.com/eula
Title: Mobile User Agreement

Search URL Search Domain Scan URL

URL: http://narratives.zdnet.com/
Title: Sponsored Narratives

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/
Title: CA Privacy/Info We Collect

Search URL Search Domain Scan URL

URL: https://ca.privacy.cbs/donotsell
Title: CA Do Not Sell My Info

Search URL Search Domain Scan URL

URL: https://cbsi.secure.force.com/CBSi/knowledgehome?referer=zdnet.com
Title: Site Assistance

Search URL Search Domain Scan URL

URL: https://academy.zdnet.com/
Title: ZDNet Academy

Search URL Search Domain Scan URL

URL: https://www.cbsinteractive.com/legal/cbsi/privacy-policy/cookies-and-beacons
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://privacy.cbs/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://onetrust.com/poweredbyonetrust

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

224 HTTP transactions
20 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/ 523 KB
150 KB 199ms
184ms Document
text/html 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

189d15d241774168466b1f5e9bef0f8761a31f4e7bd5f36b8297533d4222d046

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.zdnet.com
:scheme: https
:path: /article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-encoding: gzip
content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-type: text/html; charset=UTF-8
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
last-modified: Fri, 07 Aug 2020 22:01:15 GMT
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-tx-id: f55dbc39-c4ef-4232-b019-d3935d09809d
x-xss-protection: 1; mode=block
date: Fri, 07 Aug 2020 22:16:23 GMT
cache-control: max-age=5400, private
expires: Fri, 07 Aug 2020 23:31:15 GMT
set-cookie: fly_geo={"countryCode": "de"}; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_device=desktop; max-age=604800; path=/; domain=.zdnet.com; Secure; fly_preferred_edition=eu; path=/; domain=.zdnet.com; Secure; fly_default_edition=eu; path=/; domain=.zdnet.com; Secure;
vary: Accept-Encoding, User-Agent
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 152276

GET
H2 200 main-f5b8751919-rev.css
zdnet2.cbsistatic.com/fly/css/core/ 352 KB
59 KB 22ms
7ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/css/core/main-f5b8751919-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6b0ea6d0adea9ff7452ecdbeb8f59534c930f0ffa1f0da85f3a470623118e0cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195374
status: 200
vary: Accept-Encoding
content-length: 59577
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "35edc8dab738a55323f2866b31eb1580"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:59:37 GMT

GET
H2 200 controls-3b3630e0da-rev.css
zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/ 19 KB
4 KB 21ms
6ms Stylesheet
text/css 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-3b3630e0da-rev.css

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6246b627fe6cf14455aa8ec1cff85c46077a3d1eab4c4f3f2e55831af2fb8f45

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195309
status: 200
vary: Accept-Encoding
content-length: 3960
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:41 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e483c2d3ef36e55a2ad5b49cf189b9d3"
strict-transport-security: max-age=31536000
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 16:00:09 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 11 KB
4 KB 28ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE8) /
Resource Hash: fb8dda9221a64450a8195dc4e776a3dcc0770c56bfa05ef2372ca87a0e841d74

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: lN3XZGn0TMokwcolAjk9ew==
age: 5443
x-cache: HIT
status: 200
content-length: 3771
x-ms-lease-status: unlocked
last-modified: Fri, 07 Aug 2020 07:01:40 GMT
server: ECAcc (frc/8FE8)
etag: 0x8D83A9FBC2AC409
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: cc2d56db-e01e-005c-2ffb-6c291f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H2 200 optanon.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 35 KB
10 KB 76ms
6ms Script
application/x-javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 844
x-cache: HIT
status: 200
x-cache-hits: 58
vary: Accept-Encoding
content-length: 10092
x-xss-protection: 1; mode=block
x-served-by: cache-hhn4057-HHN
access-control-allow-origin: *
last-modified: Fri, 12 Jun 2020 13:29:10 GMT
x-timer: S1596838583.211004,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "8e9faa49cc6bfa03cb9e6fb89f81ef59"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
via: 1.1 varnish
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: Sr6UFXbML3nkbPkm+MIRq7xZ5ZknmzJq69va2xQbUd9mfbJAm38rCWEwC53IgkjrjMcvPB5XFpY=

GET
H2 200 charlie-osborne.jpg
zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/ 930 B
1 KB 9ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/hub/i/r/2014/07/22/36b8334d-1175-11e4-9732-00505685119a/thumbnail/40x40/d95deacb5e6bd3a9d82988a322877f5b/charlie-osborne.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
x-content-type-options: nosniff
age: 10140632
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 930
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "1cc3633c579a90cfdd895e64021e2163"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 cisa-says-62000-qnap-nas-devices-have-be-5f2171d1931ab320db2de039-1-jul-30-2020-14-50-40-poster.jpg
zdnet3.cbsistatic.com/hub/i/r/2020/07/30/8b685d65-9d29-4c8b-80c1-6b75797773a3/thumbnail/570x322/9dc1505190cdded19e1f21992998ae5a/ 42 KB
42 KB 7ms
6ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/07/30/8b685d65-9d29-4c8b-80c1-6b75797773a3/thumbnail/570x322/9dc1505190cdded19e1f21992998ae5a/cisa-says-62000-qnap-nas-devices-have-be-5f2171d1931ab320db2de039-1-jul-30-2020-14-50-40-poster.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7055d45c46091178a8591e3b9b781cbcf8728537c8d3fb24f4adc67b315c707d

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118715
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 42595
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"18444c8a59af238a403ebabcb25f69be"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 advertisement.js Show response
zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/ 53 B
221 B 8ms
8ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/bundles/zdnetjs/js/utils/advertisement.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151131
status: 200
vary: Accept-Encoding
content-length: 83
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:54 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4b2791381fc1e9ecd85366493d849ab7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Aug 2020 04:17:32 GMT

GET
H2 200 require-2.1.2.js Show response
zdnet2.cbsistatic.com/fly/js/libs/ 16 KB
6 KB 8ms
7ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169779
status: 200
vary: Accept-Encoding
content-length: 6169
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "0d4c5a2e2f55835cfa6035f0b69b3fc9"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 23:06:38 GMT

GET
H2 200 YZ2TK-PC7PJ-K64DL-L53CR-P2G4E Show response
c.go-mpulse.net/boomerang/ Frame 5D35 202 KB
51 KB 9ms
9ms Script
application/javascript 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: br
last-modified: Mon, 22 Jun 2020 19:29:51 GMT
server: Akamai Resource Optimizer
status: 200
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=604800, s-maxage=604800
timing-allow-origin: *
content-length: 51580

GET
DATA 200
OK truncated
/ 31 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 917 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 mag-white01.png
zdnet1.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/core/ 1 KB
1 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/core/mag-white01.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-f5b8751919-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
x-content-type-options: nosniff
age: 195333
status: 200
vary: Accept-Encoding
content-length: 1265
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 14:09:17 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:45:22 GMT

GET
H2 200 ring-animated.svg
zdnet2.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/video/ 704 B
719 B 7ms
6ms Image
image/svg+xml 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/video/ring-animated.svg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet3.cbsistatic.com/fly/css/video/htmlPlayerControls/controls-3b3630e0da-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 195267
status: 200
vary: Accept-Encoding
content-length: 364
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 14:09:16 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5f87ac7f571b5a0b1cdc101b49cdc8de"
strict-transport-security: max-age=31536000
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:39:03 GMT

GET
H2 200 Semibold.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 24ms
12ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Semibold.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-f5b8751919-rev.css
Origin: https://www.zdnet.com

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
x-content-type-options: nosniff
age: 14026582
status: 200
vary: Accept-Encoding
content-length: 20344
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f78"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
H2 200 Regular.woff2
zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/ 20 KB
20 KB 18ms
6ms Font
font/woff2 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet2.cbsistatic.com/bundles/zdnetcss/fonts/Proxima%20Nova/Regular.woff2

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-f5b8751919-rev.css
Origin: https://www.zdnet.com

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
x-content-type-options: nosniff
age: 14026584
status: 200
vary: Accept-Encoding
content-length: 20256
x-xss-protection: 1; mode=block
last-modified: Thu, 27 Feb 2020 13:35:38 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "5e57c5aa-4f20"
strict-transport-security: max-age=31536000
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Feb 2021 13:59:59 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 logo.png
zdnet2.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/core/ 4 KB
4 KB 7ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet2.cbsistatic.com/fly/1596642465-asset/bundles/zdnetcss/images/core/logo.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zdnet2.cbsistatic.com/fly/css/core/main-f5b8751919-rev.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
x-content-type-options: nosniff
age: 195309
status: 200
vary: Accept-Encoding
content-length: 4105
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 14:09:17 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:45:22 GMT

GET
H2 200 bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/ 3 KB
2 KB 24ms
6ms XHR
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8EA3) /
Resource Hash: 8cfdb818669c969c956138d8e9d666f7198c1369c03486a846f535f7dc132757

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: 8BH1EliUX9CzwlXM9n6bGQ==
age: 12139
x-cache: HIT
status: 200
content-length: 1148
x-ms-lease-status: unlocked
last-modified: Thu, 06 Aug 2020 15:25:06 GMT
server: ECAcc (frc/8EA3)
etag: 0x8D83A1CE5DD2567
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3a1d9221-f01e-012a-29ec-6cebf6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H2 200 main.default.js Show response
zdnet3.cbsistatic.com/fly/e48275-fly/js/ 687 KB
210 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

360bcaf459f5f84a37a75ef8a701027dd3b1c8c282c1a8791165f9df41f11519

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 160513
status: 200
vary: Accept-Encoding
content-length: 214823
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:31 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "a8779f7c4674dcc76ce26d4700415e3a"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Aug 2020 01:36:15 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 5D35 2 KB
1 KB 48ms
37ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&d=www.zdnet.com&t=5322795&v=1.632.0&if=&sl=0&si=qqf5y5ymo7h-qepsjb&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 08a1e2c24c5df6cb5da350e764112cbead1e71770991621d58a93fb5e5f45aeb

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 758

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 164 B
515 B 41ms
20ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 5bf45c99891305c4-FRA
cf-request-id: 046c9833f7000005c481ac4200000001

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 51 KB
17 KB 59ms
58ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

a8d173efa6f88e3b2592fe2586d37289e5fffe00ed87e9728d5a0fc82f9709ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "595 / 61 of 1000 / last-modified: 1596837352"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17511
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:23 GMT

GET
H2 200 diff Show response
at.cbsi.com/lib/api/v1/zdnet/prod/config/ 13 KB
3 KB 18ms
18ms Fetch
application/json 151.101.1.188
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://at.cbsi.com/lib/api/v1/zdnet/prod/config/diff

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.1.188 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0fc639413ca1e659999eab408cd33d2c5aba61da91dd38783a9d33480eb5db2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
cat: JVtlA0Lkw
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
version: v2.16.1
variant: minified
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
x-dns-prefetch-control: off
x-cache: HIT
status: 200
ttl: 900s
content-length: 3133
x-xss-protection: 1; mode=block
x-served-by: cache-ams21027-AMS
access-control-allow-origin: https://www.zdnet.com
server: Google Frontend
x-timer: S1596838584.520968,VS0,VE0
x-frame-options: SAMEORIGIN
etag: W/1922192038c546e3a72fdec13bcebb6b7dd43d9e
x-download-options: noopen
vary: Accept-Encoding, Origin
strict-transport-security: max-age=300
content-type: application/json; charset=utf-8
via: 1.1 varnish
x-cloud-trace-context: 35f05585bdfff8a680069aededec6c53
cache-control: max-age=900
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 4

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.4.0/ 324 KB
68 KB 7ms
7ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FFD) /
Resource Hash: d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: OXmd51EQ9oHx+DG8SQeJEg==
age: 3865
x-cache: HIT
status: 200
content-length: 68972
x-ms-lease-status: unlocked
last-modified: Fri, 07 Aug 2020 07:01:44 GMT
server: ECAcc (frc/8FFD)
etag: 0x8D83A9FBE59A77E
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 4eb85c87-901e-0157-0aff-6c773e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H2 200 urs.js Show response
urs.zdnet.com/sdk/ 50 KB
50 KB 189ms
134ms Script
application/javascript 34.102.213.242
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://urs.zdnet.com/sdk/urs.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.213.242 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

242.213.102.34.bc.googleusercontent.com

Software

Resource Hash

fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
via: 1.1 google
last-modified: Mon, 13 Apr 2020 17:57:02 GMT
etag: "5e94a7ee-c803"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript
status: 200
accept-ranges: bytes
alt-svc: clear
content-length: 51203

GET
H2 200 mpulse-1.0.2.js Show response
zdnet1.cbsistatic.com/fly/js/libs/ 61 KB
12 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18568
status: 200
vary: Accept-Encoding
content-length: 12449
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:39 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "ff63651650d08c314776364d2cf50383"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 14 Aug 2020 17:06:50 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/ 115 KB
20 KB 9ms
8ms Fetch
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/consent/bc1ecd99-9ce4-4c1a-97f9-51121cc6da4c/bac19328-3673-4434-b575-5b669b4d361d/en.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE1) /
Resource Hash: 71452d872d1aef3958ceb43975d3787338749830a8dc1824ba39edf8c99fb77e

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: HNnvZE3AXutL6ksg4MJgBA==
age: 8910
x-cache: HIT
status: 200
content-length: 20697
x-ms-lease-status: unlocked
last-modified: Thu, 06 Aug 2020 15:25:11 GMT
server: ECAcc (frc/8FE1)
etag: 0x8D83A1CE93E5898
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: e90c601d-b01e-00e5-2cf3-6cca11000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/v2/ 2 KB
1 KB 30ms
29ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/v2/config.json?key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&t=1596838583419&s=11331f7354430a615f5218253ac6bbb04c0a8ce12ab330c202e6b69c2f47202e
Requested by: Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 934c7e53aed9ae8ddc106f4d215c94420dcf6d9f75eabaaabd38f2dc5ab4699e

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 848

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020080301.js Show response
securepubads.g.doubleclick.net/gpt/ 261 KB
91 KB 63ms
62ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 15:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93494
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:23 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 12 KB
3 KB 7ms
6ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otFlat.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F11) /
Resource Hash: ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: 6gV+HVzh3FZtolGVOUCRaQ==
age: 3640
x-cache: HIT
status: 200
content-length: 3248
x-ms-lease-status: unlocked
last-modified: Fri, 07 Aug 2020 07:01:36 GMT
server: ECAcc (frc/8F11)
etag: 0x8D83A9FBA057F52
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 8a1da239-b01e-0140-70ff-6cb75d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H2 200 otPcPanel.json Show response
cdn.cookielaw.org/scripttemplates/6.4.0/assets/ 59 KB
14 KB 7ms
7ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/assets/otPcPanel.json
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.4.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: 28a4d9ca7700a593d7b252b8b10f5194d0230474dff2b0209a09ef6238f40901

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
content-md5: lOeFi0DFo0NKO8VWAKBC6A==
age: 988
x-cache: HIT
status: 200
content-length: 14242
x-ms-lease-status: unlocked
last-modified: Fri, 07 Aug 2020 07:01:38 GMT
server: ECAcc (frc/8FAB)
etag: 0x8D83A9FBAC6D174
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ce8b28c0-e01e-00b9-5206-6d3be8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
expires: Sat, 08 Aug 2020 02:16:23 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/cbsprebidheader506831276743/ 227 KB
78 KB 76ms
23ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 16b0024d58d87c8e947ab32a0cc821c49742f166d16f56841743cb1321e69b19

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
last-modified: Wed, 05 Aug 2020 23:55:31 GMT
server: AmazonS3
x-amz-request-id: 3D69ED45AB3A484E
etag: "6504555cb39be778f3f5b82e8ecfe9f4"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17738
accept-ranges: bytes
content-length: 79864
x-amz-id-2: bJA9CGBFs5nIpvoHpZREHUEUfJE2oitroNKNutmNQeDKF+me5Z6whDdPFc7dlEOCxMvpDbXTwmc=

GET
H2 200 article-d35fe36fe4-rev.js Show response
zdnet4.cbsistatic.com/fly/js/pages/ 146 KB
38 KB 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet4.cbsistatic.com/fly/js/pages/article-d35fe36fe4-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

bd162f540d2ced39e73b10c5c7d51e84db1b90242419de4ffbe983a3f487affd

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297351
status: 200
vary: Accept-Encoding
content-length: 39187
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Aug 2020 10:30:16 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "4f27388150fa76a27fe9f62a26ed1bac"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Aug 2020 11:40:32 GMT

GET
H2 200 CBSI-PLAYER.js Show response
vidtech.cbsinteractive.com/uvpjs/0.42.297/ 1 MB
281 KB 51ms
10ms Script
application/javascript 2a04:4e42:1b::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidtech.cbsinteractive.com/uvpjs/0.42.297/CBSI-PLAYER.js
Requested by: Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::645 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
content-encoding: gzip
age: 563232
x-cache: HIT, HIT
status: 200
content-length: 286838
x-amz-id-2: RAKpW1+K1T0gOqeBLbjZUO9KxhQE2omwf1Vh1FzzUysRkp83/cPfXYZJCv1QBtEsMe4qQ/qunTM=
x-served-by: cache-dca17783-DCA, cache-hhn4061-HHN
last-modified: Fri, 01 Feb 2019 18:20:56 GMT
server: AmazonS3
x-timer: S1596838584.690906,VS0,VE1
etag: "eb5dd4ed3dcb7641ebbcb604d7ddb038"
vary: Accept-Encoding
x-amz-request-id: BA626696F73B1CAC
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=2592000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1, 1

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 122 KB
28 KB 62ms
20ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by: Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 33d644313c181510047a017300748af9b008505fb90d162487ed63e201bcffff

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Encoding: gzip
Age: 2179
X-Cache: HIT
Connection: keep-alive
Content-Length: 28079
x-amz-id-2: nIbg5jvB5MwO5XLhjFjIc88ldaMAPJReg8bIfhiRWOKBCo3j6nNA2FgAbIuUnd32OUUR7vfWflw=
X-Served-By: cache-hhn4057-HHN
Last-Modified: Fri, 07 Aug 2020 21:33:54 GMT
Server: AmazonS3
X-Timer: S1596838584.777348,VS0,VE0
ETag: "56328b7d23a6ec6279d9815d3b5232a8"
x-amz-request-id: 0923E8E16F98D6F0
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 72

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 135 KB
51 KB 397ms
397ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2783474498725872&correlator=930342501726330&output=ldjh&impl=fifs&adsid=NT&eid=21066706&vrg=2020080301&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200807&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=5x5%2C728x90%7C970x250%7C970x66%2C300x250%7C300x600%7C300x1050%2C300x250%2C371x771%2C320x50%7C11x11%2C300x250%2C728x90%7C970x250%7C970x66&fluid=0%2C0%2C0%2C0%2C0%2Cheight%2C0%2C0&prev_scp=pos%3Dnav%26sl%3Dnav-ad%253FT-1000%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%7Cpos%3Dtop%26sl%3Dmpu-plus-top%253FT-1000%7Cpos%3Dmiddle%26sl%3Dmpu-middle%253FT-1000%7Cpos%3Dtop%26sl%3Ddynamic-showcase-top%253FT-1000%7Cpos%3Dtop%26strnativekey%3D8ec3a4f3%26sl%3Dsharethrough-top%253FT-1000%7Cpos%3Dbottom%26sl%3Dmpu-bottom%253FT-1000%7Cpos%3Dbottom%26sl%3Dleader-plus-bottom%253FT-1000&eri=1&cust_params=buyingcycle%3Ddiscover%26topic%3Dsecurity%26tag%3Dcyber-security%252Ctarget%26device%3Ddesktop%26ptype%3Darticle%26cid%3Dmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%26env%3Dprod%26user%3Danon%26userGroup%3Dfirst_impression%26type%3Dgpt%26region%3Duk%26subses%3D1%26session%3Dd%26pv%3D1%26vguid%3D8cda53b3-960b-4a55-821b-4e2aee5c6414&cookie_enabled=1&bc=31&abxe=1&lmt=1596837675&dt=1596838583734&dlt=1596838583070&idt=585&frm=20&biw=1600&bih=1200&oid=3&adxs=0%2C-20%2C1050%2C1050%2C1015%2C215%2C1050%2C436&adys=0%2C285%2C405%2C2424%2C1623%2C1796%2C3306%2C3829&adks=2072725681%2C3581870410%2C1925781520%2C3289239044%2C3970605601%2C2484431570%2C3509234736%2C519614694&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&dssz=33&icsg=536881664&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x4289%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&msz=1600x5%7C1600x90%7C370x250%7C370x250%7C370x771%7C770x11%7C370x250%7C1210x90&ga_vid=1854298807.1596838584&ga_sid=1596838584&ga_hid=651552164&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

9b32fd96ddcb96dd575ef3821533f396a33dcef671cce0573dbe53753c8c49a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52219
x-xss-protection: 0
google-lineitem-id: 5408307569,5408307569,5408307569,5408307569,4825966980,4745189935,-1,5408307569
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138318247577,138315506739,138315506754,138315506562,138247024569,138239344475,-1,138315506751
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 84ms
38ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 281 B
455 B 94ms
44ms Script
text/html 35.177.118.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&callback=MoatNadoAllJsonpRequest_30574695
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.177.118.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-177-118-109.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: e5f1bab62856cb69b0f1d460b43cb4386a7568e6e88f8cf02192ffd2fc2ad0d0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
server: TornadoServer/4.5.3
etag: "c2d42f5d31be809deb7cba8e672aec6a285f9733"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 281

GET
H2 200 n.js Show response
geo.moatads.com/ 125 B
300 B 77ms
27ms Script
text/html 3.9.96.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1596838583777&de=421822182580&rx=889661657086&m=0&ar=3ad1957-clean&iw=0b4ad6e&q=1&cb=0&cu=1596838583777&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A328%3A328%3A0%3A367&fs=183802&na=1298509220&cs=0&callback=DOMlessLLDcallback_30574695
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.96.171 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: d4e6d303036dd6be644751d91dd2f32eb46246305000f84381851a54e7a8b294

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
server: TornadoServer/4.5.3
etag: "f9eb5ed831696d4299bbf890f685876449d20dfb"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 125

GET
H2 200 n.js Show response
geo.moatads.com/ 128 B
303 B 77ms
28ms Script
text/html 3.9.96.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1596838583777&de=421822182580&rx=889661657086&m=0&ar=3ad1957-clean&iw=0b4ad6e&q=2&cb=0&cu=1596838583777&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=undefined&bd=undefined&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A328%3A328%3A0%3A367&fs=183802&na=462707451&cs=0&callback=MoatDataJsonpRequest_30574695
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.96.171 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-96-171.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: e55516d320a925a84246c11ae96b163de908c158d063608e1c2552d58d46354a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:23 GMT
server: TornadoServer/4.5.3
etag: "df47843bd0f5505ff43294586ae49d6043f93120"
content-type: text/html; charset=UTF-8
status: 200
cache-control: max-age=900
timing-allow-origin: *
content-length: 128

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&t=1596838583777&de=163675370892&d=CBS_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&ar=3ad1957-clean&iw=0b4ad6e&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=zdnet.com&bd=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&ac=1&bq=11&f=0&na=773736168&cs=0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:23 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:23 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202008040943/ 154 KB
49 KB 22ms
21ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 49083dd79d7aa8f37a213ad1beab345090c4cbff08a528caeb0bd8157f5d8a9a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Encoding: gzip
Age: 626
X-Cache: HIT
Connection: keep-alive
Content-Length: 49349
x-amz-id-2: CoNIDpbaFNGB1X12gTV6+k5e6+X1UarGFmkY0uUvkDmEhoMQW2qLy8gqHAW/Vy5tiSiobtAF+WQ=
X-Served-By: cache-hhn4057-HHN
Last-Modified: Tue, 04 Aug 2020 13:51:10 GMT
Server: AmazonS3
X-Timer: S1596838584.959999,VS0,VE0
ETag: "2ecbc925612e84e23db4a6d79882ba5c"
x-amz-request-id: E81BE66FADB168E7
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 795

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202008040943/ 69 KB
22 KB 52ms
21ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202008040943/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa5740e5dd91661ac0c60b3074143ec1e654ae1f1297ac3d390a3369521d7def

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Encoding: gzip
Age: 622
X-Cache: HIT
Connection: keep-alive
Content-Length: 22251
x-amz-id-2: xTktK3CacFnSmcPPfptpfZ9EcVSdXcC+994ziPUXS2OkAgcbPtAZoJU1yhC3Bxkb44NWE5m1QbY=
X-Served-By: cache-hhn4057-HHN
Last-Modified: Tue, 04 Aug 2020 13:51:11 GMT
Server: AmazonS3
X-Timer: S1596838584.991618,VS0,VE0
ETag: "890711d791d61f161a23c20c1ee72bad"
x-amz-request-id: 2A1E21335853B1CB
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 423

GET
H/1.1 204
No Content / Show response
6852bd11.akstat.io/ 0
354 B 45ms
30ms XHR
image/gif 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd11.akstat.io/?h.pg=article&when=1596838583942&cdim.Site_View=desktop&t_other=custom4%7C203&d=zdnet.com&h.key=YZ2TK-PC7PJ-K64DL-L53CR-P2G4E&h.d=zdnet.com&h.cr=6048dc669dfccd7b32940d7a23cac8c5a1797d45&h.t=1596838583437&http.initiator=api&rt.start=api&rt.si=3b136a60-3dcf-4200-b8f5-3a6e8d2e6c65&rt.ss=1596838583970&rt.sl=0&api=1&api.v=2&api.l=js&api.lv=0.0.1

Requested by

Host: zdnet1.cbsistatic.com
URL: https://zdnet1.cbsistatic.com/fly/js/libs/mpulse-1.0.2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:23 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.zdnet.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Fri, 07 Aug 2020 22:16:23 GMT

GET
H2 200 nr-1173.min.js Show response
js-agent.newrelic.com/ 27 KB
10 KB 60ms
20ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1173.min.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-amz-request-id: E6D3F1910A679F27
x-cache: HIT
status: 200
content-length: 10274
x-amz-id-2: ys/z3NZ+V3rUlCEj1KSODwmmm1TWm+mr1GPYvBVboUsIB8l91YxfF8XpivFumGGv2VxShyoTPO0=
x-served-by: cache-hhn4033-HHN
last-modified: Fri, 10 Jul 2020 18:42:03 GMT
server: AmazonS3
x-timer: S1596838584.058902,VS0,VE0
etag: "b92d3dbf75d13116d7a4d0e6e3e30a00"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 16650

GET
H2 200 / Show response
www.zdnet.com/components/breaking-news/xhr/ 1 KB
641 B 115ms
115ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/components/breaking-news/xhr/?slug=breaking-news-banner

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5171f084f7b4d043c8005d4409f79046417315101bb83a3d60e9b6336026fad4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
x-content-type-options: nosniff
status: 200
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 07 Aug 2020 22:14:19 GMT
x-frame-options: SAMEORIGIN
date: Fri, 07 Aug 2020 22:16:24 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
vary: Accept-Encoding, User-Agent
x-tx-id: ada88146-a781-4366-a936-56aed997bfb4
content-type: application/json
cache-control: max-age=5400, private
accept-ranges: bytes
expires: Fri, 07 Aug 2020 23:44:19 GMT

GET
H2 200 image-gallery-modal-426b98fe1d-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/image-gallery-modal-426b98fe1d-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98075
status: 200
vary: Accept-Encoding
content-length: 1860
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "0e16e7503766477acbdd55f93bf0d76d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Aug 2020 19:01:26 GMT

GET
H2 200 16.jpg
zdnet1.cbsistatic.com/hub/i/r/2020/05/28/f6a9d972-2558-434b-9444-6ea2568473bf/thumbnail/170x128/3c76e52b08484de2ae1768f8cf0d5e30/ 11 KB
10 KB 8ms
7ms Image
image/jpeg 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet1.cbsistatic.com/hub/i/r/2020/05/28/f6a9d972-2558-434b-9444-6ea2568473bf/thumbnail/170x128/3c76e52b08484de2ae1768f8cf0d5e30/16.jpg

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

c30417ade9612a3d09d816f48c1f1640283658e0787f8c47340b5eb4f722f900

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5746423
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 10413
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"99ef8a644d84701c79bad8f4c3a7b4d7"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 disqus-loader-e3cab293df-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 1 KB
992 B 6ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/disqus-loader-e3cab293df-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297344
status: 200
vary: Accept-Encoding
content-length: 667
x-xss-protection: 1; mode=block
last-modified: Tue, 04 Aug 2020 10:30:16 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "e4ceac9facb44e13fbb733bf53016dbf"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Aug 2020 11:40:22 GMT

GET
H2 200 screenshot-2020-08-02-at-13-42-27.png
zdnet3.cbsistatic.com/hub/i/r/2020/08/02/f31ee21c-bc2b-4d47-924c-84ec73a544da/thumbnail/170x128/c4cf125ac5ec6347884ba5af1c83835d/ 28 KB
28 KB 10ms
7ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/02/f31ee21c-bc2b-4d47-924c-84ec73a544da/thumbnail/170x128/c4cf125ac5ec6347884ba5af1c83835d/screenshot-2020-08-02-at-13-42-27.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a9d223169bdabbdfe3a3a39ab3597df51b729ec1363270aef238de0595bf3561

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 28597
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f5abe18064d57c2e5a768504a2041036"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2020-08-07-at-09-04-29.png
zdnet3.cbsistatic.com/hub/i/r/2020/08/07/3122a560-1c51-478f-8cd3-3e19a480008b/thumbnail/170x128/96bdb8a2954ff6a939278ddbeda097d8/ 34 KB
34 KB 9ms
6ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/07/3122a560-1c51-478f-8cd3-3e19a480008b/thumbnail/170x128/96bdb8a2954ff6a939278ddbeda097d8/screenshot-2020-08-07-at-09-04-29.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af541c3da7437e04cc6b364df8c496ed3ab7be2e45f2e0283a040a1ceea51173

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38487
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 34938
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d0827043dbbfc18eb8fb662b0bef026c"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2020-08-07-at-09-03-39.png
zdnet3.cbsistatic.com/hub/i/r/2020/08/07/6b069db9-3cea-4098-9310-c4d391343d4c/thumbnail/170x128/680d401d5ce10050800abf443e59defe/ 36 KB
36 KB 10ms
8ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/07/6b069db9-3cea-4098-9310-c4d391343d4c/thumbnail/170x128/680d401d5ce10050800abf443e59defe/screenshot-2020-08-07-at-09-03-39.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6074986477af6f486e9d72c9a9d8d40a54bf432772187fa2b277e9c9eaf406af

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40317
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 36553
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f1cdeb875d0954c6be872e56ee892e5d"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 screenshot-2020-08-03-at-15-32-45.png
zdnet4.cbsistatic.com/hub/i/r/2020/08/03/44a3b056-d686-451e-80e3-0b3ec7174c1c/thumbnail/170x128/48b7fc279ae5f43ca24b16018ad7c7c9/ 42 KB
42 KB 10ms
9ms Image
image/png 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/08/03/44a3b056-d686-451e-80e3-0b3ec7174c1c/thumbnail/170x128/48b7fc279ae5f43ca24b16018ad7c7c9/screenshot-2020-08-03-at-15-32-45.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a2b547891d584a8bf38396379676d3d59311d5c0ec087c408f009151d21bec94

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82090
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 43185
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7473ee855ddfe8e6ff4b309d905a4ddc"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
www.zdnet.com/newsletter/xhr/widget-login/ 2 KB
875 B 214ms
214ms XHR
application/json 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdnet.com/newsletter/xhr/widget-login/?topic=security

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

dd97ee88cf27cd554b45350b00827365f5c1df0e92f7108d8c4bc282f9be5cb9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'self' *.zdnet.com *.ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Fri, 07 Aug 2020 22:16:24 GMT
expect-ct: max-age=0, report-uri="https://7a8f8748a40805618a61b617481a6ebc.report-uri.com/r/d/ct/reportOnly"
x-frame-options: SAMEORIGIN
x-tx-id: 28332bfb-a75e-40a0-a352-2d30c293fde6
content-type: application/json
status: 200
cache-control: no-cache
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
vary: Accept-Encoding, User-Agent
x-xss-protection: 1; mode=block

GET
H2 200 front-door-carousel-d989216481-rev.js Show response
zdnet1.cbsistatic.com/fly/js/components/ 5 KB
2 KB 8ms
8ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet1.cbsistatic.com/fly/js/components/front-door-carousel-d989216481-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98180
status: 200
vary: Accept-Encoding
content-length: 1542
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:46 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "74aee7043a94fa60f86801741415796e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Aug 2020 18:59:39 GMT

GET
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/1/ 57 B
275 B 440ms
120ms Script
text/javascript 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/36c1ca5070?a=396312832&v=1173.01dd3ba&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=1249&ck=1&ref=https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/&ap=388&be=206&fe=1140&dc=367&perf=%7B%22timing%22:%7B%22of%22:1596838582869,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:1,%22c%22:1,%22s%22:7,%22ce%22:14,%22rq%22:14,%22rp%22:198,%22rpe%22:220,%22dl%22:201,%22di%22:367,%22ds%22:367,%22de%22:367,%22dc%22:1140,%22l%22:1140,%22le%22:1154%7D,%22navigation%22:%7B%7D%7D&fp=327&fcp=327&at=GRpEEQsdTEpGWUYLTR9F&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1173.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/07/3122a560-1c51-478f-8cd3-3e19a480008b/thumbnail/170x128/96bdb8a2954ff6a939278ddbeda097d8/screenshot-2020-08-07-at-09-04-29.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

af541c3da7437e04cc6b364df8c496ed3ab7be2e45f2e0283a040a1ceea51173

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38487
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 34938
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"d0827043dbbfc18eb8fb662b0bef026c"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/02/f31ee21c-bc2b-4d47-924c-84ec73a544da/thumbnail/170x128/c4cf125ac5ec6347884ba5af1c83835d/screenshot-2020-08-02-at-13-42-27.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a9d223169bdabbdfe3a3a39ab3597df51b729ec1363270aef238de0595bf3561

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34329
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 28597
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f5abe18064d57c2e5a768504a2041036"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet3.cbsistatic.com/hub/i/r/2020/08/07/6b069db9-3cea-4098-9310-c4d391343d4c/thumbnail/170x128/680d401d5ce10050800abf443e59defe/screenshot-2020-08-07-at-09-03-39.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

6074986477af6f486e9d72c9a9d8d40a54bf432772187fa2b277e9c9eaf406af

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40317
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 36553
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"f1cdeb875d0954c6be872e56ee892e5d"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zdnet4.cbsistatic.com/hub/i/r/2020/08/03/44a3b056-d686-451e-80e3-0b3ec7174c1c/thumbnail/170x128/48b7fc279ae5f43ca24b16018ad7c7c9/screenshot-2020-08-03-at-15-32-45.png

Requested by

Host: zdnet3.cbsistatic.com
URL: https://zdnet3.cbsistatic.com/fly/e48275-fly/js/main.default.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

a2b547891d584a8bf38396379676d3d59311d5c0ec087c408f009151d21bec94

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82090
status: 200
content-transfer-encoding: binary
x-image-exists: 1
vary: Accept-Image-Webp,Accept-Image-Webv
content-length: 43185
x-xss-protection: 1; mode=block
server: ContentServer
x-frame-options: SAMEORIGIN
etag: W/"7473ee855ddfe8e6ff4b309d905a4ddc"
strict-transport-security: max-age=31536000
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 show-hide-1.0-7bf562809f-rev.js Show response
zdnet3.cbsistatic.com/fly/js/components/ 2 KB
1018 B 7ms
6ms Script
application/javascript 2a04:4e42:1b::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://zdnet3.cbsistatic.com/fly/js/components/show-hide-1.0-7bf562809f-rev.js

Requested by

Host: zdnet2.cbsistatic.com
URL: https://zdnet2.cbsistatic.com/fly/js/libs/require-2.1.2.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::444 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

ContentServer /

Resource Hash

cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e

Security Headers

Name	Value
Content-Security-Policy	default-src https://.zdnet.com:
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84005
status: 200
vary: Accept-Encoding
content-length: 671
x-xss-protection: 1; mode=block
last-modified: Wed, 05 Aug 2020 15:57:47 GMT
server: ContentServer
x-frame-options: SAMEORIGIN
etag: "c80f3e247909db64dbbdd937ec12594d"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=604800,no-transform
gcstest: false
content-security-policy: default-src https://*.zdnet.com:*
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Aug 2020 22:55:55 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B75D 0
0 56ms
55ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJGqLGE-W3wVVRlUNITIsAXbzd-xgvEUmjYuxjTu5dqqlSYkfcsd4sOXU80T__SoThNuIsrWYS5mWGx79SiLBSsQo7aIIo7VfGciTIfaFhJm4p_WTnxqsmWx26X9h5md8F38He_RVTCwtZlxOASNMqy98P76zUAeY6T7xJ8pyCDDWbQ85M50Gk0JVWkevtvQ_DuFzGlfO3GrkqmNeg6o7tmrIoxBx8E3Y11cr8C6-0L_CQFRoJz2zfc9JOnjl0NoaL8-6yQVVfyOFabw&sai=AMfl-YRCeRlQw04WT0jw80PtTYupeldneLb9LqdzX0D5ovl9WSPVWxfZVjHO8VEinKfmQQbq30ialnICPDidO8zzznYa6lhapphBFIFIQ-55ij9r20L2PREUOND2Ggr1nz4&sig=Cg0ArKJSzOMQ1H2zSfZTEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 ad.js Show response
clipcentric-a.akamaihd.net/ad/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/ Frame B75D 134 KB
37 KB 98ms
19ms Script
text/javascript 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/ad.js?q=1594394423
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: ae50002108857fc4760f878c17834297141e0715e5513be2c2a9754b56e28a4d

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: br
last-modified: Thu Jan 1 00:00:00 1970
server: Apache/2.2.34
content-length: 37273
content-type: text/javascript

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B75D 73 KB
28 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B75D 321 KB
107 KB 26ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7367 0
0 107ms
54ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssVBlw_mBVcg-88PI7ZqtNqlCAWiSGYPBjgZrs8ihp5qQ5Ud7LISLWkzGe9HMg0GPloNXarfAs3nQGYeR1Kv0iDPo4x4oii-Z-JEr6bpU00OX05ZqFkbfzJQPtHc7T_UmWYUaUGdfH8UfoQqdBVR2RffI0MYkJU2XQH61K427XgeRN9OOG8eEy5FZPfAZGXZ_yPi49f0aj-lUwjnziC4p5tG53K5AsXu2kCLqLR9WkS57wLcHTz7-nRK-wIM4Jb_Dbm_G4VNHo-GoUdm_3vwQPZveHe3vESS5pLkJfZ1BKKhnMV-hHhemRJbUdTp2fTEkp1jigQ1PFE0RSJBU9pN0ZR&sai=AMfl-YSDUniL3uJa2s0p4mD51SA_ezj0POcyjQyFg_HgtUwmy8CoH828183fCWy-w2z30bVLFl5JUr43omVyAHB7dYcai23y0SPyPjhFhHmrZciZriclmJz4pQrH-6QEXQM&sig=Cg0ArKJSzPTYXtR6WtBzEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7367 41 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 16:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19941
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 16:44:03 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7367 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 7367 321 KB
107 KB 30ms
30ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg
s0.2mdn.net/4788165/ Frame 7367 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4788165/Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b542800ef8e1df333b81d7ff9a8dc2764a09a013bc916485d21391257f5be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:02:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 14:43:06 GMT
server: sffe
age: 828
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26980
x-xss-protection: 0
expires: Sat, 08 Aug 2020 22:02:36 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B0F9 0
0 99ms
55ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvEKP8urd10B94Wz1F3IcH8EAdSETsCky92CRDjyz0qFAaKyhwPB0EgtFjkFSXHLHoxJCUjkgluSzoE3tva6OQm8ur6inOrd4ZakmcnlDGktxSyUxpqYXxtrZaAvcSbvafSOcsz0oD-JPKuZFkmkyMugD_7LYZRua3YD92JInHOPBngs6aq5NOA3d0oBGBB1MXAo6b__c0QP_iCOjLzJlx91ERM94PJNuokmzuBmcfbSDdOH96J3eLg3t8RxXb3iWiq9qYTVhAmFRSQOZ4IFb1HcFiEORkiK2QUc8GJApqlqwc2-FU-wHczSbbeH7rSRWtDL8m62xEsvK9ttkd-L3s6&sai=AMfl-YQjDZ4giNcutFnLmSANZqu-ebIfQZ9Wczlgp-_2Y2PhDCFIbtgQnNPMg-q4u0zwth5AiR98VpDJB1QuS5ruXH6KHCf66530li0RM3qkyOogRg9HXpaS9aGCx4PgOc0&sig=Cg0ArKJSzIvmCUcpXi57EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B0F9 41 KB
15 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 16:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19941
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 16:44:03 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B0F9 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B0F9 321 KB
107 KB 34ms
33ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg
s0.2mdn.net/4788165/ Frame B0F9 31 KB
31 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4788165/Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebfd6cf3438fa94e034b9a351ef06363ddcf3da9245e5f624c42c040495a1ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 13:57:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 14:42:48 GMT
server: sffe
age: 29924
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31869
x-xss-protection: 0
expires: Sat, 08 Aug 2020 13:57:40 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E713 0
0 90ms
56ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv4a-6sFtmGtVJCcjjeDUylEnX1Fq1VdgL69xSETxsyEpILJ8iatv2NT26u8rEyJAlZfL78huKtdhequ7Fs1eV_8a_ZoJuSzguduY-ev_pHxY_J7W554fkZWFhIhOQsVASS7hTyOCFe5BXEnQMsP8HiQR1Mmx-wSk5D__H2BNTLiLukCzpM4OamDxHHUsex-7JvriDh4KB4UWxDzBYmF-nJq-qdsPuBQfgq_l3k0t6e7t3mTw7jjLSAcEetG4x7h0w0yX-FPDx0xPUkDZDU1RdSNAm2xXd41NoLv-6nXd7ZtV8UfwTWuLnr67Y-IJST9ZMY1ZX2irIs1gnWHe6qlXSV&sai=AMfl-YT-MBTil0l5VZiyGHF5QJjr-HOgqLQoETrFl5JVejfoq_1bHf_1hosxJPccQEyFBtXcM8Tl1FidcdAMh6ArWK2dDH2je5ewnwijWZOAPEKz8kCD6TSkwqnkwbC-wto&sig=Cg0ArKJSzIs8zqScB8NWEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg
s0.2mdn.net/4788165/ Frame E713 31 KB
31 KB 8ms
5ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4788165/Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebfd6cf3438fa94e034b9a351ef06363ddcf3da9245e5f624c42c040495a1ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 13:57:40 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 14:42:48 GMT
server: sffe
age: 29924
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31869
x-xss-protection: 0
expires: Sat, 08 Aug 2020 13:57:40 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E713 41 KB
15 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 16:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19941
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 16:44:03 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame E713 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame E713 321 KB
107 KB 29ms
28ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
26 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067cd2fd3f72ea2ce0db4d57214f569d99a2f6d485098adf28885dd2f2038b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 927A 0
0 59ms
58ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvwIk44-lGGPYsOMEXRApC8kLK1DYRYbd59b_T-gooBC5gLU8WKIKXhZ_L67O_zgUdVKPbyrc3tF3UrETRP1gFs4dLdu8UqSjfUBj1MMMd1V2uZx-BYQe4ic8okr4YXvxOnFe1Gtl5fDjyf6UHiL-iIXBkUes5sIBYsHpJ1H-hWoNzMm87YklMy6KTLsIi8N4yMah4kknQALSBGM7je3tBFyEME4CCxy5Oq2drg8wVbsj7Ty0LuVj1zovYzGX1G1JMruwe9AsIT&sai=AMfl-YTUuL5lDuT7q-M2Fa4U8zCLp3vHUShWE8MkNVoXLkt0tXEE88uk1GozHEX0mXorv2jWBfIx-rBRHXkyQOM79eeyffQDNCqD1rBiaPQpTtv2-joJ1F-HtFTP73k4u-0&sig=Cg0ArKJSzLc48gtGYhN6EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK adKit.min.js Show response
rev.cbsi.com/common/js/ Frame 927A 6 KB
2 KB 87ms
24ms Script
application/x-javascript 104.111.215.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/adKit.min.js?1842584508
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.35 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:24 GMT
Content-Encoding: gzip
Last-Modified: Mon, 13 May 2019 18:29:20 GMT
Server: AkamaiNetStorage
ETag: "e524dc608d5c7c30eef57b6ed95dc6a8:1557772160"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2149

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 927A 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 927A 321 KB
107 KB 26ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B618 0
0 57ms
57ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuNArMjvnSF3fktnparhGy1surSoWFOf2hqk9fD7wuk9GS8-tjqTwZX6tBB8jbHK-o7_1rYtVvPZt4JLK1OfDGoTGxp8hQfO_YRgR5ybVxyl-GkWXXDIvePBa0xGXPQNSU3atVzYp8QqTcSagOdipgWUIbWrhMDribBNnJkJ777_AhVLN5o9_yfORrGsWn2mA7nNluJzLC9MwY5s_6qqKDqiaBRSTfCmP2drO9uQW6LtqRe9sRkYLKOiinVXVAYYRkvfHnrmbIv&sai=AMfl-YRh9Cdh238BUHLvwuTx1o7roDrnh5r32grF4yPMET9_ExudOGONPRWOBaPLEiBugXzYS6NDrCba1sS_g7rcdGqvJ3gcYj6Ig-e4pn_mZ9B84EVVd0BEKe4HtiTuEgU&sig=Cg0ArKJSzLXHD5rQwUs3EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame B618 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame B618 321 KB
107 KB 26ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012007280015000/ Frame 35D9 206 KB
56 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 90330
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57348
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 21:10:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "67e3cc633414a037"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 21:10:54 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35D9 16 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-ad-exit-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132132
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5911
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 09:34:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2b698f14ce780d2f"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 09:34:12 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35D9 96 KB
29 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-analytics-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 90400
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29729
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 21:09:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "343248c140f42a43"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 21:09:44 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35D9 4 KB
2 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-fit-text-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132180
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1779
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 09:33:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e9949b381080a26e"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 09:33:24 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012007280015000/v0/ Frame 35D9 48 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012007280015000/v0/amp-form-0.1.js

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008040943/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 132203
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15002
x-xss-protection: 0
server: sffe
date: Thu, 06 Aug 2020 09:33:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a54c33253427c91"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Aug 2021 09:33:01 GMT

GET
DATA 200
OK truncated
/ Frame 35D9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16ce793a9938ff875a3bfd0f28596e0476c5acafeb9141eeb023fd40b3f9f68b

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 28AF 0
0 64ms
55ms Fetch
image/gif 216.58.206.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss9AquGRPwjy-H6lioZ25RGUGAwilpzroLvLqzM29o1ONtcPVfuux618QbWSEi7C7oWLK4exq1x7L1Yh_jeg4UsKcc7Yi3gqcQgP1Lfi0K-9M8J6-gaTwWa_9rhEk1T82r0FBN2W-_KOlmgq5D5C0r78qv58pxP9p50UU3P_Wo4HgygVpI48rzYIdiUJP6eG-QEk0yHtwwAPcasdc1uhY4fp-SQK4bHUmm_BQ5AgYtnw5GppIePyzk9SJvVEj14lk8a2vNRoEMfpM68BNnRooS2CUMtjwi3CnOPyng1dGjChx2aNQLnpuvyz9BsjFORhZ9F5WhmLsD-gynbizXSARL2&sai=AMfl-YRnM4EA-l8AYRHWe3sMZLf0FaUzVNyUSZ162JyLNW8zGPFcGMVAOmgyRIr7Gp1dmV05NrC5TUmR6PBvuAEEcnD3uNfEOF9uDjysXKLQa1040toK2hUqPp576Q3s5Iw&sig=Cg0ArKJSzAFzrVMPqbjvEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg
s0.2mdn.net/4788165/ Frame 28AF 26 KB
26 KB 14ms
5ms Image
image/jpeg 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4788165/Proofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3b542800ef8e1df333b81d7ff9a8dc2764a09a013bc916485d21391257f5be5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:02:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2020 14:43:06 GMT
server: sffe
age: 828
status: 200
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26980
x-xss-protection: 0
expires: Sat, 08 Aug 2020 22:02:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 28AF 41 KB
15 KB 13ms
5ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 16:44:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19941
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Aug 2021 16:44:03 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 28AF 73 KB
28 KB 18ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame 28AF 321 KB
107 KB 29ms
24ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17707
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 1435552022353428479
tpc.googlesyndication.com/simgad/ Frame 35D9 122 KB
122 KB 14ms
7ms Image
image/gif 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1435552022353428479

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5478fcbc50ea5b31605f48f46695dccc551f7e157863978da3afdea2a3f37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 22:54:06 GMT
x-content-type-options: nosniff
age: 1898538
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125123
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:45:41 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:54:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35D9 2 KB
3 KB 13ms
6ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40046
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35D9 295 B
360 B 12ms
6ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 2966
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 08 Aug 2020 21:26:58 GMT

GET
H2 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 35D9 0
0 39ms
32ms Image
text/html 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CwSwot9ItX9CxMfW5lQfrjJeAA_j1z8le7o7gybQL-uC_oNQBEAEgzJGuImC56L6A1AGgAe6R080DyAED4AIAqAMByAMIqgS4Ak_Q0jtdTgtMTsYQ9EOPHdnBo5lz6pjKoCJnrSYACFs5r3GbNsoGrlQwsdcLUjO_Sdq9IyCqASNhiYlTtLZbWGwghUmCrswkU0IJShH5YzOjXiWTWgt13MJVXEAJjp4j5awqr_CzccPav6XR78IOtv6xXxlJtehRMjYnvgUTYpsNzHC7-wiOnk8cu2ippAu5rPnLc7dYIw6ntuMNs8m5kr45bWaOf_u7DCofGwEbk9k686VWkOaHycnCuQJYGyVloUaQRfRZftZcxdpJpnXtWPjUX3qarFMqCq1FEBcEo9AnMpnurT6093mymEB6fUtxlwPjseJ0ly2_USQsCdHTcaolmpHUVUv5NeoBZbc1ppSzj_nZQOgSmk_LMqt9OcvGzWeTPVpKtHwAMfNcuZ366xfDG_NuIXwIJMAEmJqQspMD4AQBkgUECAQYAZIFBAgFGASgBgOAB97YlIEBqAeOzhuoB9XJG6gHk9gbqAe6BqgH8NkbqAfy2RuoB6a-G6gH7NUb2AcB8gcEEJaBCdIICQiA4YBwEAEYHYAKA8gLAdgTAg&sigh=ELmp9Jrs3ZA&tpd=AGWhJmszoXBCmzlF4OJuCPlmaiRyoV1RUL2FhprSF5hg8OPssA
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s21-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1596838583777&de=823848265332&rx=889661657086&m=0&ar=3ad1957-clean&iw=0b4ad6e&q=3&cb=0&cu=1596838583777&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A465723849%3A4676441751%3A138290752599&zMoatAType=content_article&zMoatTest=zdnet&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&fd=1&ac=1&it=500&pe=1%3A328%3A328%3A0%3A367&fs=183802&na=654565344&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
16ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff29991c34535dc315e224625153dcd3a6753a224af31f4fae09b0fcf0cfb98b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6264
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7367 0
54 B 56ms
56ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssCqGJwz1duK9nuLVUdF0BFnmwRbWXg1FdifoGurvLCkjGrVVViQnpa-0H4d5YkIsUHT1N9lbRlY0QUqjAsh16_p8GQ_lT7tczAK8w2DMqnSqIAdh3e2-RiOKOmi3w7tWYXasPeJPbh1StrOsyLqg5-lEjWQyoJMV76WAU7RfnlZlmDhW7kfUhMAKwK84E2H1uwPggLhToyYew-GjvJIoQbQGOtaQfo143vbFQLRXCI3qhO6YYe8dhS5nVWhyNnsIjijkt8kq-DWk_F&sai=AMfl-YTzxAdMUmS71ZWcWMlZdVvzXhK1HeushsA9PfVK01AJfO0mM3V7J6KGNCzCW0X5dPhCIZMe50tnpgduUTD7zgopeVMfoF-5O1FOn6zanSQR55Y6_t0ZcIdP40VAFqA&sig=Cg0ArKJSzMhWGpSOWt0LEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B0F9 0
54 B 57ms
56ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssDA4kZrMnDlgGtW-SMH3IkhUrWOwJr2RWYi5YVtB5hPmFlr9NVpldw-GgViqHgk-WnG9HE59DIyz2jv1E7t_9scS_f9LQbcaAVURz9QlX8lghdjdTeuGUgsoM-2RlldwQEgot7sBjaILgowhhPE-cv1vFOayFrvOm7rJ9EHVi-0IwHNyN9kYXiWbmR73TLIYX1mOeRHyAxnoIeYgfas2WivJu1y-6UydXPA-l_waijOJtdqUtwprJCoYQyULYWIuYM4avSvInGUxV8&sai=AMfl-YR0ZYvJ-NqL4xI-9n9FJAbCWAUxI-crv5tENlDesL2x0skOfj2xJW40K1SMSHFx4kSeadTOzdlnmhJCRpU3ZQ7qZkiRmTFDuimkDKAmh_aRfpCyi3e0ZYJ1Yfl1I7Y&sig=Cg0ArKJSzM8BQAeEKH5HEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E713 0
54 B 56ms
55ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswJ7phA2vBpUBwoF17c_Fof6ZeNxhfJ63wGKJz-i1qGKWsQ-2DJrwW9QTA9lv1QL9ueuc7Zzo3IYlrQKWGWRu2vVh5019nfikvR1NlA-QcK0TkFXq8-GHZIKqBwgzbKb_zo7Y103DY-pRsECKIAHK_9q-PUJCxT0ohPieIaoP41Ghy86jGde-2_AQiOIAvgRd8h3G_DAwh9z1pe4bop_CPKEnArGOZ3PYbE0N2AWQdldEs88lb3A5no_XIIub_UcJTKW_bpMv8G1cd&sai=AMfl-YRXozWqhQH70MwAqO_xtpF-hBlj3a7C82Jijd4yUo34zyF9KLuQvu5_711HeRrOY5C7WJYa4YRsaFfhHTG_v--xj-MQJdiDDBtT2_8LZJoOXIubQv8l7Og4I4waW4c&sig=Cg0ArKJSzIUfOYPxomeQEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B75D 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5ecce10349496978fe9d058a12564e3cb0e48adf3c0e1a7fc57df3e66a78507

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7367 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62db157eaa6bceff3340e6a6afd290aad70574148dbaa5609c19a26bc0fe84fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 69ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=5&fi=1&apd=10&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506739&S1id=23605329&S2id=23619609&ord=1596838584417&r=655758619798&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 69ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=5&fi=1&apd=10&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506739&S1id=23605329&S2id=23619609&ord=1596838584417&r=655758619798&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 69ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=5&fi=1&apd=10&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506739&S1id=23605329&S2id=23619609&ord=1596838584417&r=655758619798&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
DATA 200
OK truncated
/ Frame B0F9 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42fc03b5ad585826595d3cec8498bb969bc8ee3d5abebe51653a1d7a4a104b8a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E713 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c0095b130cbe34de49f5b8daf6e62ce7e54adc527cec608cccd78abe3750278

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4FB6 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Fri, 07 Aug 2020 20:24:13 GMT
expires: Sat, 07 Aug 2021 20:24:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6731
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 15C1 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Fri, 07 Aug 2020 20:24:13 GMT
expires: Sat, 07 Aug 2021 20:24:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6731
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 21ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506754&S1id=23605329&S2id=23619609&ord=1596838584495&r=18547783773&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 42ms
40ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506754&S1id=23605329&S2id=23619609&ord=1596838584495&r=18547783773&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 42ms
41ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506754&S1id=23605329&S2id=23619609&ord=1596838584495&r=18547783773&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
19ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506562&S1id=23605329&S2id=23619609&ord=1596838584519&r=464497657372&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=middle&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=6&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506562&S1id=23605329&S2id=23619609&ord=1596838584519&r=464497657372&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=middle&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2608 0
0 6ms
6ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Fri, 07 Aug 2020 20:24:13 GMT
expires: Sat, 07 Aug 2021 20:24:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6731
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 28AF 0
45 B 79ms
79ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvq5izGjinDo-9xgDqwEyrpFOB8nfKOlVQeC9EsYmx6-MeHI2Gq3wggyVH7yHm4uAskl34js7duJ8wjeDTlk4nsxg4lEhwhu8cBMnmsX0VWTZGa9HQoaUpv2UBVw2AO6eZfPL9_t1wpLChsPvls2f5tDYwnRt1sFnXL-2RuN3bgY8rOsbR0aXS5iHJlJGKnzNNalC5wQg62MU4bZ5rvV59DHx59GH8TKSk_pEd36vM7o1FxkGUdWamGvt_4HodN5JDM6OcQ5mFZvfm7&sai=AMfl-YSzlDZKJn2Yc5k1a5qMsKl8Ju6q7Be-mkBIV41H5HF9WyFaFmUNgL8DZO2gC3AELHrx0kjHgV8mwcGnZGE_9EypD7CXGHs-7undS19gjSAPgt6zME7tYHKGrRkvtaY&sig=Cg0ArKJSzEzL0QdzGcSAEAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 28AF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084582f49b5022596f7258664206ec0d00a03c757bb917450c8b1a369659353f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B618 0
54 B 66ms
66ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjahVL1las4UaVcuRwRgJIJluRHEDSP5VUTjREq0FOvz0DWyzpG_SAQBO-7iu5MPQ361BSrR0SNtXxk2YB7meY6ZvUSOyroDCb8gwd0L6ECJF4RSqfIkn7bvdXFjDuqxhkf2hyWsTp7kpnekCsqlSIlG3R0e_tUd1G3Yjcvqe-4TlFi92Drq2RTCZ2_M2LlYHqkv22bWB5NMZZrikNY6wgSQFnwMQ81dLi3YH_DBNYemUw3iO2n5AlhRkEZT1Rj5m1xye4pBYqJlI&sai=AMfl-YTZfKOT010CYJChRWaVpLFnt1mbkxSslKiUIpAtJoO3dlRpwuF-0qFbRAAUtEimwZGsJpXdwzruoEZ543COfZQqumZi8YUwXTmjOavgnSyjhVl9iFIUmiurKSeq85U&sig=Cg0ArKJSzJvIm4Bxx76BEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 28ms
28ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584397&de=659215290256&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=7&cb=0&ym=0&cu=1596838584397&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&zMoatPS=nav&zMoatPT=article&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=127147764&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 21ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506751&S1id=23605329&S2id=23619609&ord=1596838584672&r=91290968212&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=bottom&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 21ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506751&S1id=23605329&S2id=23619609&ord=1596838584672&r=91290968212&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=bottom&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 927A 51 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: rev.cbsi.com
URL: https://rev.cbsi.com/common/js/adKit.min.js?1842584508

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3f542f904faa40728ec73c89bd88d360cfd49bcd3c08de009bb83a5de1d2c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "595 / 85 of 1000 / last-modified: 1596837352"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17510
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 store.phtml
ad.clipcentric.com/user-9/resources/ Frame 2E42 0
0 105ms
21ms Document
text/html 143.204.201.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.clipcentric.com/user-9/resources/store.phtml?v200530
Requested by: Host: clipcentric-a.akamaihd.net
URL: https://clipcentric-a.akamaihd.net/ad/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/ad.js?q=1594394423
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.201.72 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-201-72.fra53.r.cloudfront.net
Software: Apache/2.2.34 /
Resource Hash

Request headers

:method: GET
:authority: ad.clipcentric.com
:scheme: https
:path: /user-9/resources/store.phtml?v200530
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
content-type: text/html; charset=UTF-8
content-length: 2976
date: Mon, 03 Aug 2020 23:28:49 GMT
server: Apache/2.2.34
access-control-allow-origin: *
cache-control: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 cc77875ec7dfc885cffaa2ec6fa578f6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 2PzClXCXRBZHf7jIllJdhIgNiQvXCXulZLFKH97-je6VRen6RfwNkw==
age: 341255

GET
H2 200 E=in,im,fi
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=45/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 352ms
101ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=45/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=in,im,fi
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 PqtUk8AC.webp
clipcentric-a.akamaihd.net/file/998046/ad_q75/1594393449/ Frame B75D 31 KB
31 KB 22ms
20ms Image
image/webp 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/998046/ad_q75/1594393449/PqtUk8AC.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 3460d78ff66d801eb29f743b0f2394724a8ed0d8b3067f528a7aac157f15d161

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 10 Jul 2020 15:18:03 GMT
server: Apache/2.2.34
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 31904

GET
H2 200 dN-V5jXg.webp
clipcentric-a.akamaihd.net/file/998037/ad_q75/1594393359/ Frame B75D 26 KB
26 KB 28ms
27ms Image
image/webp 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/998037/ad_q75/1594393359/dN-V5jXg.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 770d5dfb6a1f79b40652f9e05c48413603f9a1a7c96f997eb4d39b07fab84421

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 10 Jul 2020 15:15:30 GMT
server: Apache/2.2.34
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 26464

GET
H2 200 L-ivb6_O.webp
clipcentric-a.akamaihd.net/file/998035/ad_q75/1594393358/ Frame B75D 17 KB
17 KB 37ms
36ms Image
image/webp 2.16.177.50
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clipcentric-a.akamaihd.net/file/998035/ad_q75/1594393358/L-ivb6_O.webp
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.177.50 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-50.deploy.static.akamaitechnologies.com
Software: Apache/2.2.34 /
Resource Hash: 2a5314e6d3d49f52db2a4e8b2c856d78e9dd363834ea159edd5007c546b091af

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 10 Jul 2020 15:15:29 GMT
server: Apache/2.2.34
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 17732

GET
H2 200 Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 299D 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 8395
date: Fri, 07 Aug 2020 20:24:13 GMT
expires: Sat, 07 Aug 2021 20:24:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6731
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=397&fi=1&apd=402&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506739&S1id=23605329&S2id=23619609&ord=1596838584417&r=655758619798&t=hdn&os=1&fi2=0&div1=0&ait=196&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=348&fi=1&apd=351&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506754&S1id=23605329&S2id=23619609&ord=1596838584495&r=18547783773&t=hdn&os=1&fi2=0&div1=0&ait=173&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 27ms
26ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=337&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506562&S1id=23605329&S2id=23619609&ord=1596838584519&r=464497657372&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=middle&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 35D9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

17ms
16ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Fri, 07 Aug 2020 22:16:24 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 21ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=223&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1596838583777&r=823848265332&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=0&zMoatPT=0&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
19ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=223&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1596838583777&r=823848265332&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=0&zMoatPT=0&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 0284 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 07 Aug 2020 20:45:49 GMT
expires: Sat, 07 Aug 2021 20:45:49 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5435
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584417&de=655758619798&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=11&cb=0&ym=0&cu=1596838584417&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&zMoatPS=top&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=563467375&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:24 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 20ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=307&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506751&S1id=23605329&S2id=23619609&ord=1596838584672&r=91290968212&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=bottom&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:24 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:24 GMT

GET
H/1.1 200
OK cbsi_ads_skyboxKit.js Show response
rev.cbsi.com/common/js/ Frame B75D 11 KB
3 KB 25ms
25ms Script
application/x-javascript 104.111.215.35
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.35 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-35.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 47bc26348c88eb34e7abb0eeed434beb7799a0b6aec1995c155a8901ae7ca664

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 07 Aug 2020 22:16:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 23 Jul 2020 18:06:18 GMT
Server: AkamaiNetStorage
ETag: "72acba1ce4ed2f2ca6fc0b974b1c50dc:1595527578.6828"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2627

GET
DATA 200
OK truncated
/ Frame 84D7 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame B75D 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B75D 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4C61 750 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 E=ls:load%20CBSi%20js%20file.0,li
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=262/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 171ms
145ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=262/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:load%20CBSi%20js%20file.0,li
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:Super%20Billboard.0
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=272/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 129ms
102ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=272/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:Super%20Billboard.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:hotspots%20collapsed.0
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=303/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 148ms
146ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=303/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:hotspots%20collapsed.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:on%20scroll%20full%20collapse.0
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=303/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 147ms
145ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=303/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:on%20scroll%20full%20collapse.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 E=ls:custom%20ad%20controls.0
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=304/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 105ms
103ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=304/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:custom%20ad%20controls.0
Requested by: Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 23ms
21ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=355&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=zdnet.com&L1id=25365849&L2id=465723849&L3id=4676441751&L4id=138290752599&S1id=uk-zdnet&S2id=security&ord=1596838583777&r=823848265332&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatVGUID=0&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=0&zMoatPT=0&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 22ms
21ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138318247577&S1id=23605329&S2id=23619609&ord=1596838584397&r=659215290256&t=meas&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=nav&zMoatPT=article&bedc=1&q=1&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 22ms
21ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138318247577&S1id=23605329&S2id=23619609&ord=1596838584397&r=659215290256&t=fv&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=nav&zMoatPT=article&bedc=1&q=2&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 37ms
20ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=126&fi=1&apd=252&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138318247577&S1id=23605329&S2id=23619609&ord=1596838584397&r=659215290256&t=nht&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=nav&zMoatPT=article&bedc=1&q=3&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 1435552022353428479
tpc.googlesyndication.com/simgad/ Frame 35D9 122 KB
122 KB 6ms
5ms Image
image/gif 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1435552022353428479

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5478fcbc50ea5b31605f48f46695dccc551f7e157863978da3afdea2a3f37a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 16 Jul 2020 22:54:06 GMT
x-content-type-options: nosniff
age: 1898539
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125123
x-xss-protection: 0
last-modified: Thu, 21 May 2020 07:45:41 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Jul 2021 22:54:06 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35D9 2 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 11:08:58 GMT
x-content-type-options: nosniff
server: cafe
age: 40047
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sat, 08 Aug 2020 11:08:58 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 35D9 295 B
363 B 7ms
7ms Image
image/png 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 21:26:58 GMT
x-content-type-options: nosniff
server: cafe
age: 2967
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 08 Aug 2020 21:26:58 GMT

GET
H2 200 pubads_impl_2020080301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 927A 261 KB
91 KB 54ms
53ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

sffe /

Resource Hash

3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 03 Aug 2020 15:21:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93494
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 27ms
26ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=190&fi=1&apd=316&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138318247577&S1id=23605329&S2id=23619609&ord=1596838584397&r=659215290256&t=hdn&os=1&fi2=0&div1=0&ait=0&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=nav&zMoatPT=article&bedc=1&q=4&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
DATA 200
OK truncated
/ Frame 84D7 299 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95698b6af45a720fa13415398e77c20504c6ae8bf75e3a462e5aa1f67bc42b11

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F4788165%2FProofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=25&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4371&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=5&an=0&gf=5&gg=0&ix=5&ic=5&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=5&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10&cd=0&ah=10&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=457162558&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584495&de=18547783773&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=15&cb=0&ym=0&cu=1596838584495&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&zMoatPS=top&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=1599569115&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B75D 0
54 B 57ms
56ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsth12S9Y3iXcErgOD5dcNf51FqrTG3trH1y5flkGPydbfauGGRpL0AnXqDyxq3siOV16QmvTU70_TaaYw7_4xIAYWvUSQtYeytoaYD-au0MCGcVv1jYHdlIxnK8GXnZgobvzQxlAPkaCJgw6EBplUEDSj7sUW1mzDKjH6xwkWtmiYn_vs-8NRuON8TRmV416C7oK0ev56KtJXqnvF0sM-gu-1_Boe8v6-LNxZEO2B1jthQ9fk-WsohRSOfPjoy5UktYTtdbEPGUqRoZ6FoS&sai=AMfl-YTPlSM2D08I3qlgRNc6nYhblfHSMKi-GGS6UsfowfVuBEnaL9LK1Lw-Amsu-wQA6TzOyVByVsHfcJzbdf6mX14HOu0fmTVk-fuTkBIkJ9tmWoM51d2vH-Csro8Claw&sig=Cg0ArKJSzBJybM6zGYXDEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 927A 109 B
316 B 16ms
16ms Script
application/javascript 2a00:1450:4001:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 927A 109 B
168 B 15ms
14ms Script
application/javascript 2a00:1450:4001:815::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdnet.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 927A 15 KB
4 KB 67ms
67ms XHR
text/plain 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3117244217652800&correlator=3419846673382648&output=ldjh&impl=fifs&eid=21066032%2C21066170&vrg=2020080301&npa=1&guci=1.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200807&iu_parts=8264%2Cuk-zdnet%2Csecurity&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=372x142%2C372x142&prev_scp=env%3Dprod%26session%3Dd%26subses%3D1%26ptype%3Darticle%26vguid%3D8cda53b3-960b-4a55-821b-4e2aee5c6414%7Cenv%3Dprod%26session%3Dd%26subses%3D1%26ptype%3Darticle%26vguid%3D8cda53b3-960b-4a55-821b-4e2aee5c6414&cookie=ID%3D130cd6f5e38c8d7d-2268a8cfadb600ea%3AT%3D1596838583%3AS%3DALNI_MaNa8AQnj2Wgpc5NLzZYGmZei082g&cdm=www.zdnet.com&bc=31&abxe=1&lmt=1596838585&dt=1596838585301&dlt=1596838584289&idt=1002&frm=23&biw=1600&bih=1200&isw=371&ish=771&oid=3&adxs=-12245933%2C-12245933&adys=-12245933%2C-12245933&adks=3261246841%2C3261246840&ucis=oz7b9t9sv7rs%7Ct9ww23se85m9&ifi=1&ifk=1077788096&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&top=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&dssz=12&icsg=10888&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0%7C0x0&msz=0x0%7C0x0&ga_vid=1208321258.1596838585&ga_sid=1596838585&ga_hid=1168793945&fws=256%2C256&ohw=0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

1b430195ffa49743b44c19e8ecf3bd9d16e5c740405db78bf4d8c935b63406fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4466
x-xss-protection: 0
google-lineitem-id: 4746066197,4746066197
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138239375180,138239375540
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdnet.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 927A 0
0 54ms
38ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 927A 0
0 6ms
5ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F4788165%2FProofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=19&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4371&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=3&an=0&gf=3&gg=0&ix=3&ic=3&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=3&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1895789223&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 927A 0
54 B 57ms
57ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvaq1H6dIF0pOmvkpehdOOinJime0CqXn3Ph5Rzp1npZNIyJEIEn0tzut3eg5SzEZ6lW-rOTaHsdu6lG5DSR5d_vRa2wN_D-_dGs_6I-7ysoSXmqSheGybEqdORDl6lWAdcPHXW__QQq2Sv8Sov7njn_-S_7W5RO0GCl--ftxx7weTxYcbb6qd-LsTVfNvs9tljr4wzIeay5O4UpVogETqGubaLSKLQfjlsaSOu9c7cnwf8l9-pTXqoq5mhN6Lm1h7SRUT81nJ-wyA&sai=AMfl-YSbH5KNW4seloik3YhdChgi6_2An5Ph46z2FLcX9AR3E0zELM8KdAzlFVtW1GFUXMkLS_jyD1TuFreCc433cNIN51IFO8EX4SY1LNinPN5WYzcYmKyAZge-yoYObK0&sig=Cg0ArKJSzGT4Csdb7YRjEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 204 /
6852bd11.akstat.io/ 0
201 B 30ms
29ms Other
image/gif 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd11.akstat.io/

Requested by

Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/YZ2TK-PC7PJ-K64DL-L53CR-P2G4E

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
status: 204
content-type: image/gif
access-control-allow-origin: https://www.zdnet.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 E=ls:on%20scroll%20full%20collapse.1
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=635/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 102ms
101ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=635/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=ls:on%20scroll%20full%20collapse.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584519&de=464497657372&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=19&cb=0&ym=0&cu=1596838584519&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=92833449%3A2712521898%3A5408307569%3A138315506562&zMoatPS=middle&zMoatPT=article&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-middle%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=middle&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=85465331&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
DATA 200
OK truncated
/ Frame 4C61 801 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD44 0
0 72ms
72ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKTpZjSKW84iCW2i_igPz6tzPl2Gbjr6wJxlJtOUGoyGLR2YxFYjoWy2Wli9H49aY9CBHl564hxjztWbXomtdCjQjhwvfHObC5ogKJKri1XSX2Hec-uTl0-2WaMwM79MAnXaHHRG4rh17gAem_DhJL4okV0ma4hYs7Wd3z2q_5-Ua20PXwWxyts3Jnv6wqOuXaWLSSHIhzjHmEVDepEFtXAKIITJolTR1kpmlRVkb5yiFf_aXQsW-PkOqfmdYQLbB-pPnQ9v13&sig=Cg0ArKJSzFv0Yce7A9_8EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD44 73 KB
28 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame DD44 321 KB
107 KB 27ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17706
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3C7 0
0 68ms
67ms Fetch
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5jI7HO7j0rtdylLnG50jEk_leByYSMhrtlMtLRAGIG8wj5TropHHe7qXnMp2OggBccSNVtbSWajv1KGeIRIOp0XQIeTdtJ3PkYm6w8sNybyzlzVeHZTa9Tn0z_0rlGuz9BhEEFf1oJl8R_IafV0fRmZc1MyXkXBbaZajotjTUlecsR9K98WJFJFi_aEgLLUqinHoCQffhK78Q_ob0Dh3TT7w-yj01yIZw56iIkIc-mkSF-Q7QILRf-btOx3o_nvPqSa92HOyz&sig=Cg0ArKJSzPxLvkPxje4-EAE&urlfix=1&adurl=

Requested by

Host: www.zdnet.com
URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame F3C7 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/cbsdfp5832910442/ Frame F3C7 321 KB
107 KB 25ms
25ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
last-modified: Wed, 01 Jul 2020 18:12:26 GMT
server: AmazonS3
x-amz-request-id: 8D266C851F1941C5
etag: "e00a4c9eb4d0552a62a2ad3b020a4ac2"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=17706
accept-ranges: bytes
content-length: 109303
x-amz-id-2: xzlR4/gktU2AIiSKbnv77ol5yO4GK6O6VSkANiyEL/R/XwufbveAj5H6OqzfSNTQwepXNRaIEQQ=

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 927A 71 KB
26 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

067cd2fd3f72ea2ce0db4d57214f569d99a2f6d485098adf28885dd2f2038b56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596800120297106"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 927A 8 KB
6 KB 17ms
17ms XHR
application/json 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020080301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50174f81ecddf71eca001592cb8a8fa26f2b2c19770990a6a068d2198591e34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6284
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 56ms
55ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F4788165%2FProofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-300x250px.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584519&de=464497657372&cu=1596838584519&m=15&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4371&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6&cd=0&ah=6&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506562&bo=23605329&bp=23619609&bd=middle&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-middle%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=454215335&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 927A 14 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020080301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 07 Aug 2020 22:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame DD44 0
54 B 64ms
64ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCeDHdnQHq4RjWZttE0Uz4ZFOPv8JskIK9xICheki8mh02ABkDZIvFy6ykuzDQlp5HdbPCI-n-tC7wPHXilMv6hFFc9M1N5ZBUrhWwXfWXOX7grvoPuZftVLB1hBQkt2ZjO2AYbmaGFO80eUzxs_y5BZrSNYnUSOdReDj3hR16req9ltijVmkK_vAY8oNpWo0cJs0Ju4jP3NaiXSHl-iY7MdZfy_-kKjvquWyZf7pVMPmJKPY9au0TzouQnxRz9KbKB34Pm7t0VCo&sig=Cg0ArKJSzNji3FqGQ0NTEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584650&de=103760889151&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=23&cb=0&ym=0&cu=1596838584650&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4745189935%3A138239344475&zMoatPS=top&zMoatPT=article&zMoatW=11&zMoatH=11&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=sharethrough-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=11x11&zMoatSZPS=11x11%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=300817046&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame F3C7 0
54 B 57ms
57ms Image
image/gif 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVc1OEbKC2zbbAQI-OgkeEQEnaRTx3rpLB9vrAsciYa1flRIcqJdJnu5XxdKRnnwjzttAJt4PCG_bMm7jiXoQgTyaeZ14iDw2nUd_nOwv8-Zdvanw9sDn9UrXqTQQTyE6mSok73XQpl94YQNwwlR3cRtdwFmPGIwN40rB8kf2z1BQWxXmcOOPynJd9SGBxMuCNfFgmMTRsT57ZNFhx4q_4A8ALVLq9-7wY7SE-I0bQQGeSzyg0jF9dL3OuIEcNIgW3rrQ03AHPEqQ&sig=Cg0ArKJSzNG_gR03YkH8EAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 7367 42 B
107 B 42ms
39ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssv6-laTvlCK48c9tKSqXSpJ9uSCfwZ2mIijj86Q9kcvT_gg3cNPD_U0NPMoqADXchOGhNmbBPn3a85Nxh_UFy1yAIid3onI4egNRQbYvwghRxRJZ4qIvrAiDUWIJncLtFzfp2MDSU2kv2F5cbZgVmWnhd2HijXFbBpiMJn9f_3Wz0&sig=Cg0ArKJSzKQEps7xwPKDEAE&adk=3581870410&tt=-1&bs=1600%2C1200&mtos=1126,1126,1126,1126,1126&tos=1126,0,0,0,0&p=363,436,453,1164&mcvt=1126&rs=0&ht=0&tfs=5&tls=1131&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596838584229&dlt&rpt=501&isd=0&msd=0&xdi=0&ps=1600%2C4446&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-2-6-6-0-0-0&tvt=1130&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&r=v&id=osdim&vs=4&uc=7&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B0F9 42 B
107 B 43ms
40ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssF3UxI_ZsG53NSqPdYaKPIdL50gPoBQPTziDzsiaZiMt3X6GWIp-0mOE8s7E-jSea-LhTkwSqlhg0A07vejVtb_PnkxalGt-vwnE7UEszO06PhbvmtKaBc5s13X5xntfPP0mEYQpD7DIHApFHXxrOS84Q4fiZjTYs-PSwZ0pVi_C4&sig=Cg0ArKJSzHvqUXJZt4GkEAE&adk=1925781520&tt=-1&bs=1600%2C1200&mtos=1118,1118,1118,1118,1118&tos=1118,0,0,0,0&p=483,1050,733,1350&mcvt=1118&rs=0&ht=0&tfs=3&tls=1121&mc=1&lte=1&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596838584229&dlt&rpt=502&isd=0&msd=0&xdi=0&ps=1600%2C4446&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-7-2-6-6-0-0-0&tvt=1121&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&r=v&id=osdim&vs=4&uc=7&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame D8AF 0
0 6ms
5ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Fri, 07 Aug 2020 20:45:49 GMT
expires: Sat, 07 Aug 2021 20:45:49 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 5436
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 31ms
31ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=913&tet=1146&fi=1&apd=1151&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506739&S1id=23605329&S2id=23619609&ord=1596838584417&r=655758619798&t=iv&os=1&fi2=0&div1=1&ait=945&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 25ms
24ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=833&tet=1071&fi=1&apd=1074&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138315506754&S1id=23605329&S2id=23619609&ord=1596838584495&r=18547783773&t=iv&os=1&fi2=0&div1=1&ait=896&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=top&zMoatPT=article&bedc=1&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584672&de=91290968212&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=27&cb=0&ym=0&cu=1596838584672&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=92833449%3A2712521898%3A5408307569%3A138315506751&zMoatPS=bottom&zMoatPT=article&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-bottom%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=1588094717&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
55 B 41ms
40ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080301&jk=2783474498725872&bg=!iomliZFY1VBzpmtkQlsCAAABI1IAAAAPmQGkT3Yt5_51Bvo7q1jteK_mAQEBxT8cVywtfobag9jufZHxJyZjbG-JryyCAUOXBCg-ibsI6TfehEudWmOY70X3FLJROSVRKEMo9hLPucfS0a4AmW2JHhOSg3hcB6cqjA6r2r33iz6An8xLZRpN9mSIbTfpScTIMfGqUGQBPMOJxcKw9GKw0ZdaTH-llG2X-15-SJoznzll3O3IUNQgIbdiq5XDXJjv_JxfSYmCM82kwGUIVtdm-jCSQa8MuLROA-VsZmDXZ5uh8WsxlW6_w7gpskznF77sVaLO2Pcofu0y2l8spP8Bmm7DVqlqGqkVSQ-KSSol8-DpaPGTYfQic4EbwOUKNpOX_xNxQ6PEETKu20_AhaaFY4QbjuEH-3R4JYIl0xKi7A_CCCpAVXNvE10fsIOKAhLgf29kLhXP7j3DlevmkSGLrZxNYyXd-NYJR_QsDIw3hDXE7mHU60H8uuPe-Jg8KRNUpjuT5OI04S9n_xfsz-ZQ2R8-7znZ_77J-vMkObE1HFn3qTvyjTl5wgqcclugGxa2Vdn1C-XFV-52j8pvXCJd

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 44ms
43ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2F4788165%2FProofpoint-PSAT-2020-User-Risk-Report-digital-ads-UK-728x90px.jpg&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584672&de=91290968212&cu=1596838584672&m=14&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4371&le=1&lf=0&lg=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5&cd=0&ah=5&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506751&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=636635111&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838584716&de=407310519958&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=31&cb=0&ym=0&cu=1596838584716&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4825966980%3A138247024569&zMoatPS=top&zMoatPT=article&zMoatW=371&zMoatH=771&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=dynamic-showcase-top%3FT-1000&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=371x771&zMoatSZPS=371x771%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=179463585&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F1435552022353428479&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838583777&de=823848265332&rx=889661657086&cu=1596838583777&m=1188&ar=3ad1957-clean&iw=0b4ad6e&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4371&le=1&lf=122&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A328%3A328%3A0%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=223&cd=0&ah=223&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=183802&na=754552376&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=0&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=681&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=126&an=0&gf=126&gg=0&ix=126&ic=126&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=126&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=252&cd=0&ah=252&am=0&rf=0&re=0&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=DOMSEARCH&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=896699086&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 927A 0
55 B 39ms
39ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020080301&jk=3117244217652800&bg=!KSqlKjJYvho8okJdFZQCAAAAYFIAAAAMCgAWhytyKFKyMLHehdvx8lpEfvYXP-PHt5kBqpfMVyc6W7HfLFCYdYajvzNtWdE7eF9On7gPYCTeaPK3hIw9Y-w30R2WKTsnvr4QXPq1ddi56Bd1ZVDAXjnL1RjZQmuN2RooXI_HOSl92JXTYThnQwIXkKFgd99Pfxq-LYLjdu4Fuy66GdGTVSDcpfIpC17aAbtP1QSW60r5ZFbdBBEJe35uC2GPqN-f7_SHeii-L28LBTNTzivHc8aUyA3w0dWmzIouxmfcmhANtFlR808Dm-QPzhmBwJyJ_DiowKrkd0E1ll5QXaTEjnQLwZ9qHGR8eJu1K8VDdzK9A36Rr5cgzYUjPiZQAxfIRowT5Wk5dRDLYD5mXqE1ftYfCJhiGdOp-YRCdB3t1OAxBOjFCxyifw4uUyOgjS3GqgEc5WUB6fsiXC7TWVmpftoKE9hHWpKDw6uvM6uwu--udJnlruC8ywQvSOT3LH-Elj_GSlJEfmUn0dlgt0FSXaeKaO5NKxTNoNjuUUIodYkbC9BXyJ3knimiGDKZZjYTex6UQ0ViaD41RL6KHmHUnV55g_B62dA08HTXUTjZPaGC3kb2YEbJ9o9d6UyuQQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838585481&de=336289015832&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=35&cb=0&ym=0&cu=1596838585481&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375180&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=1162922034&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 E=wi
tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=1024/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/ Frame B75D 35 B
136 B 102ms
102ms Image
image/gif 52.201.164.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.clipcentric.com/s/B=244/F=998051/C=78967/P=22/L=21/V=23/S=cbC8bnlS/Z=1/I=120.735829.1596838584735/U=www.zdnet.com/T=1024/M=i/D=d/PO=zdnet.com/LO=5408307569/VO=138318247577/E=wi
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.164.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-164-192.compute-1.amazonaws.com
Software: Apache/2.2.34 /
Resource Hash: 6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Fri, 07 Aug 2020 22:16:25 GMT
cache-control: no-cache
server: Apache/2.2.34
content-length: 35
content-type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CBSDFPCW2&hp=1&wf=1&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&t=1596838585515&de=485834834577&m=0&ar=0c509492f98-clean&iw=fc8ce17&q=39&cb=0&ym=0&cu=1596838585515&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=25477209%3A2356361194%3A4746066197%3A138239375540&zMoatPT=article&zMoatW=372&zMoatH=142&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatAType=content_article&zMoatTest=zdnet&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&bo=23605329&bp=23619609&bd=-&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatFT=Not%20Specified&zMoatSZ=372x142&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAB=content_article-zdnet&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&gw=cbsdfp5832910442&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A328%3A328%3A1155%3A367&iq=na&tt=na&tu=&tp=&fs=182322&na=648048606&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=1156&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1146&an=5&gi=1&gf=1146&gg=5&ix=1146&ic=1146&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1146&bx=5&ci=1146&jz=913&dj=1&aa=0&ad=945&cn=0&gk=945&gl=0&ik=945&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=913&cd=10&ah=913&am=10&rf=0&re=1&ft=945&fv=0&fw=945&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=738830724&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 31ms
31ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=1157&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1146&an=1146&gi=1&gf=1146&gg=1146&ix=1146&ic=1146&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1146&bx=1146&ci=1146&jz=913&dj=1&aa=0&ad=945&cn=945&gk=945&gl=945&ik=945&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=913&cd=913&ah=913&am=913&rf=0&re=1&ft=945&fv=945&fw=945&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1978552930&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=1157&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1146&an=1146&gi=1&gf=1146&gg=1146&ix=1146&ic=1146&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1146&bx=1146&ci=1146&jz=913&dj=1&aa=0&ad=945&cn=945&gk=945&gl=945&ik=945&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=913&cd=913&ah=913&am=913&rf=0&re=1&ft=945&fv=945&fw=945&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1654513185&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 27ms
27ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=1083&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1071&an=3&gi=1&gf=1071&gg=3&ix=1071&ic=1071&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1071&bx=3&ci=1071&jz=833&dj=1&aa=0&ad=896&cn=0&gk=896&gl=0&ik=896&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=833&cd=6&ah=833&am=6&rf=0&re=1&ft=896&fv=0&fw=896&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=956394712&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=1083&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1071&an=1071&gi=1&gf=1071&gg=1071&ix=1071&ic=1071&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1071&bx=1071&ci=1071&jz=833&dj=1&aa=0&ad=896&cn=896&gk=896&gl=896&ik=896&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=833&cd=833&ah=833&am=833&rf=0&re=1&ft=896&fv=896&fw=896&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1715561387&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=1084&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1071&an=1071&gi=1&gf=1071&gg=1071&ix=1071&ic=1071&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1071&bx=1071&ci=1071&jz=833&dj=1&aa=0&ad=896&cn=896&gk=896&gl=896&ik=896&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=833&cd=833&ah=833&am=833&rf=0&re=1&ft=896&fv=896&fw=896&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1259527863&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=1362&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1352&an=1146&gi=1&gf=1352&gg=1146&ix=1352&ic=1352&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1352&bx=1146&ci=1146&jz=913&dj=1&aa=1&ad=1151&cn=945&gn=1&gk=1151&gl=945&ik=1151&co=1151&cp=1151&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1151&cd=913&ah=1151&am=913&rf=0&re=1&ft=1151&fv=945&fw=945&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1523903025&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:25 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H/1.1 200
OK pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 43 B
409 B 22ms
22ms Image
image/gif 2.21.38.40
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=958&tet=1034&fi=1&apd=1160&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=zdnet.com&L1id=92833449&L2id=2712521898&L3id=5408307569&L4id=138318247577&S1id=23605329&S2id=23619609&ord=1596838584397&r=659215290256&t=iv&os=1&fi2=0&div1=1&ait=522&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatPS=nav&zMoatPT=article&bedc=1&q=5&nu=1&ib=1&dc=1&ob=1&oh=0&lt=0&ab=1&n=1&nm=1&sp=0&pt=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.38.40 , France, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-21-38-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 Aug 2020 22:16:25 GMT
Last-Modified: Fri, 20 May 2016 15:16:00 GMT
Server: Apache
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
Expires: Fri, 07 Aug 2020 22:16:25 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=1286&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1274&an=1071&gi=1&gf=1274&gg=1071&ix=1274&ic=1274&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1274&bx=1071&ci=1071&jz=833&dj=1&aa=1&ad=1099&cn=896&gn=1&gk=1099&gl=896&ik=1099&co=1099&cp=1074&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1074&cd=833&ah=1074&am=833&rf=0&re=1&ft=1099&fv=896&fw=896&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=306679996&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=1578&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1034&an=126&gi=1&gf=1034&gg=126&ix=1034&ic=1034&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=126&ci=1034&jz=958&dj=1&aa=0&ad=743&cn=0&gk=743&gl=0&ik=743&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=958&cd=252&ah=958&am=252&rf=0&re=1&ft=522&fv=0&fw=522&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1882899663&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 26ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=1579&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=1034&ci=1034&jz=958&dj=1&aa=0&ad=743&cn=743&gk=743&gl=743&ik=743&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=958&cd=958&ah=958&am=958&rf=0&re=1&ft=522&fv=522&fw=522&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=962806098&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=3&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=1579&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1034&an=1034&gi=1&gf=1034&gg=1034&ix=1034&ic=1034&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1034&bx=1034&ci=1034&jz=958&dj=1&aa=0&ad=743&cn=743&gk=743&gl=743&ik=743&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=958&cd=958&ah=958&am=958&rf=0&re=1&ft=522&fv=522&fw=522&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=292930161&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:26 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B75D 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuiW6Q9BgU5502-QveDQYpd1IpqAWXn7rYgJyFFUq1Vo-MM9bvOZMYGk9C9CEJkwpAHy3FzYgP47Mpi1RWms5fd6diPiLw-p7_M25gziAA&sig=Cg0ArKJSzGSKubvMncmoEAE&adk=2072725681&tt=-1&bs=1600%2C1200&mtos=1052,1052,1052,1052,1052&tos=1052,0,0,0,0&p=0,0,105,1600&mcvt=1052&rs=3&ht=0&tfs=922&tls=1974&mc=1&lte=1&bas=0&bac=0&met=ce&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596838584219&dlt&rpt=750&isd=0&msd=0&xdi=0&ps=1600%2C4446&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-7-10-10-0-0-0&tvt=1968&is=1600%2C105&iframe_loc=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200807

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=4&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=1986&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=1442&an=1034&gi=1&gf=1442&gg=1034&ix=1442&ic=1442&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1442&bx=1034&ci=1034&jz=958&dj=1&aa=1&ad=1151&cn=743&gn=1&gk=1151&gl=743&ik=1151&co=1151&cp=1364&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1364&cd=958&ah=1364&am=958&rf=0&re=1&ft=930&fv=522&fw=522&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=995811378&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:26 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:26 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=5197&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=5187&an=1352&gi=1&gf=5187&gg=1352&ix=5187&ic=5187&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5187&bx=1352&ci=1146&jz=913&dj=1&aa=1&ad=4986&cn=1151&gn=1&gk=4986&gl=1151&ik=4986&co=1151&cp=1151&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4989&cd=1151&ah=4989&am=1151&rf=0&re=1&ft=4986&fv=1151&fw=945&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1747716271&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=5123&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=5111&an=1274&gi=1&gf=5111&gg=1274&ix=5111&ic=5111&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5111&bx=1274&ci=1071&jz=833&dj=1&aa=1&ad=4936&cn=1099&gn=1&gk=4936&gl=1099&ik=4936&co=1099&cp=1074&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4909&cd=1074&ah=4909&am=1074&rf=0&re=1&ft=4834&fv=1099&fw=896&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=302829713&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 34ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584519&de=464497657372&cu=1596838584519&m=5304&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5095&cd=6&ah=5095&am=6&rf=0&re=1&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506562&bo=23605329&bp=23619609&bd=middle&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-middle%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1350560618&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
23ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838583777&de=823848265332&rx=889661657086&cu=1596838583777&m=6175&ar=3ad1957-clean&iw=0b4ad6e&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=122&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A328%3A328%3A0%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5046&cd=223&ah=5046&am=223&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=183802&na=1055149708&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=5&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=5620&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=5076&an=1442&gi=1&gf=5076&gg=1442&ix=5076&ic=5076&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5076&bx=1442&ci=1034&jz=958&dj=1&aa=1&ad=4785&cn=1151&gn=1&gk=4785&gl=1151&ik=4785&co=1151&cp=1364&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5000&cd=1364&ah=5000&am=1364&rf=0&re=1&ft=4564&fv=930&fw=522&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=1490895674&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:30 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584672&de=91290968212&cu=1596838584672&m=5369&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=174&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5160&cd=5&ah=5160&am=5&rf=0&re=1&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506751&bo=23605329&bp=23619609&bd=bottom&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=bottom&zMoatSZPS=728x90%20%7C%20bottom&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-bottom%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-bottom&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-bottom&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=193410531&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:30 GMT

POST
H/1.1 200
OK 36c1ca5070 Show response
bam.nr-data.net/events/1/ 24 B
180 B 106ms
105ms XHR
image/gif 162.247.242.20
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/36c1ca5070?a=396312832&v=1173.01dd3ba&to=NV1TZ0MHXxUFWxBYWQwXcFBFD14IS1kWRV8BVFRsQg9fAQhd&rst=11249&ck=1&ref=https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1173.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.20 San Francisco, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-8.nr-data.net
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.zdnet.com
Access-Control-Allow-Credentials: true
Content-Length: 24
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
25ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584417&de=655758619798&cu=1596838584417&m=10072&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=172&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=10062&an=5187&gi=1&gf=10062&gg=5187&ix=10062&ic=10062&ez=1&ck=1146&kw=913&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10062&bx=5187&ci=1146&jz=913&dj=1&aa=1&ad=9861&cn=4986&gn=1&gk=9861&gl=4986&ik=9861&co=1151&cp=1151&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9866&cd=4989&ah=9866&am=4989&rf=0&re=1&ft=5902&fv=4986&fw=945&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506739&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=728x90&zMoatPS=top&zMoatSZPS=728x90%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=728&zMoatH=90&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=leader-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=leader-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=leader-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=962348812&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 24ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584495&de=18547783773&cu=1596838584495&m=10198&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=191&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=10187&an=5111&gi=1&gf=10187&gg=5111&ix=10187&ic=10187&ez=1&ck=1071&kw=833&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10187&bx=5111&ci=1071&jz=833&dj=1&aa=1&ad=10012&cn=4936&gn=1&gk=10012&gl=4936&ik=10012&co=1099&cp=1074&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9989&cd=4909&ah=9989&am=4909&rf=0&re=1&ft=4834&fv=4834&fw=896&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506754&bo=23605329&bp=23619609&bd=top&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=top&zMoatSZPS=300x250%20%7C%20top&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-plus-top%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-plus-top&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-plus-top&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=828314700&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 27ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584519&de=464497657372&cu=1596838584519&m=10381&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=0&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A328%3A328%3A1155%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10172&cd=5095&ah=10172&am=5095&rf=0&re=1&wb=1&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138315506562&bo=23605329&bp=23619609&bd=middle&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=300x250&zMoatPS=middle&zMoatSZPS=300x250%20%7C%20middle&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=300&zMoatH=250&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=mpu-middle%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=mpu-middle&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tz=mpu-middle&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=2044094067&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:34 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 37ms
27ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=uk-zdnet&zMoatAdUnit2=security&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=11&g=2&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=250&w=300&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838583777&de=823848265332&rx=889661657086&cu=1596838583777&m=11256&ar=3ad1957-clean&iw=0b4ad6e&cb=0&rd=1&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=122&lg=1&lh=10&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A328%3A328%3A0%3A367&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10123&cd=5046&ah=10123&am=5046&rf=0&re=1&wb=1&cl=0&at=0&d=25365849%3A465723849%3A4676441751%3A138290752599&bo=uk-zdnet&bd=security&gw=cbsprebidheader506831276743&zMoatAType=content_article&zMoatTest=zdnet&hv=Standard%20Image%20Ad%20finding%20&ab=1&ac=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=183802&na=1291778516&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 25ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=10673&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=10129&an=5076&gi=1&gf=10129&gg=5076&ix=10129&ic=10129&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10129&bx=5076&ci=1034&jz=958&dj=1&aa=1&ad=9838&cn=4785&gn=1&gk=9838&gl=4785&ik=9838&co=1151&cp=1364&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10053&cd=5000&ah=10053&am=5000&rf=0&re=1&ft=5068&fv=4564&fw=522&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=159788439&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
253 B 30ms
24ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Fwww.zdnet.com%2F%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F-&i=CBSDFPCW2&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8CL6k%24)m3*%5B%605*mF%40%23b%3DhjdbEW%3C7bNC%3ElaKc%2C%26WLRGt%269RHrOCFxBoocF)uhFAkD%3Dv%3Cy%5Dv%5BLy*hgMcpk%3FqFm%5Dm%22%2Bx%7Co%3Ee%7CwR3yC%7CQ%5Elv%3Ch%2CeI8!A2QnbjPSI.%24ki)sV~1HmDkx2KD5pf5%5BG%5BZFZ8R6tbK0pH%23bU%24(9N%2CNJJ)%2CW%2FKo7FY&th=341666498&tf=nMzjG---CSa7H-fUfHv-j7VIQD-xFQTS-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C%2C1%2C0%2C0%2Cprobably%2Cprobably&os=&qp=00000&is=BBBBB2IUEY4vGl2BBCBBtUTBBRmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMQSQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Skg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccypBsrB41kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTCyBBrbjBC4ehueB57NG9aJeRzBqEKiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=null&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&pcode=cbsprebidheader506831276743&ql=&qo=0&vf=1&vg=100&bq=0&g=7&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=105&w=1600&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&id=1&ii=4&f=0&j=&t=1596838584397&de=659215290256&cu=1596838584397&m=10879&ar=0c509492f98-clean&iw=fc8ce17&cb=0&ym=0&rd=1&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=4446&le=1&lf=1&lg=1&lh=180&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A328%3A328%3A1155%3A367&as=1&ag=10335&an=10129&gi=1&gf=10335&gg=10129&ix=10335&ic=10335&ez=1&ck=1034&kw=958&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10335&bx=10129&ci=1034&jz=958&dj=1&aa=1&ad=10044&cn=9838&gn=1&gk=10044&gl=9838&ik=10044&co=1151&cp=1364&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10255&cd=10053&ah=10255&am=10053&rf=0&re=1&ft=5068&fv=5068&fw=522&wb=2&cl=0&at=0&d=92833449%3A2712521898%3A5408307569%3A138318247577&bo=23605329&bp=23619609&bd=nav&dfp=0%2C1&la=23619609&zMoatNotCnet=true&zMoatPT=article&zMoatFT=Not%20Specified&zMoatSZ=5x5&zMoatPS=nav&zMoatSZPS=5x5%20%7C%20nav&zMoatPTAT=article%20%7C%20content_article&zMoatPTATSECT=article%20%7C%20content_article&zMoatAType=content_article&zMoatTest=zdnet&zMoatAB=content_article-zdnet&gw=cbsdfp5832910442&zMoatOrigSlicer1=23605329&zMoatOrigSlicer2=23619609&zMoatW=5&zMoatH=5&zMoatVGUID=8cda53b3-960b-4a55-821b-4e2aee5c6414&zMoatSN=d&zMoatSL=nav-ad%3FT-1000&zMoatMMV_MAX=na&zMoatCURL=zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites&zMoatDev=Desktop&zMoatDfpSlotId=nav-ad&hv=CBS%20Attribute&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tz=nav-ad&iq=na&tt=na&tu=&tp=&tc=0&fs=182322&na=768422930&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Aug 2020 22:16:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: Apache
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
status: 200
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 07 Aug 2020 22:16:35 GMT

Verdicts & Comments Add Verdict or Comment

118 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zdnet.com/	1970-01-19 11:35:24	Name: upid_36554059 Value: 1
.zdnet.com/	1970-01-19 12:17:10	Name: zdnetSessionCount Value: 1
.zdnet.com/	1969-12-31 23:59:59	Name: zdnetSessionStarted Value: true
.zdnet.com/	1969-12-31 23:59:59	Name: fly_preferred_edition Value: eu
www.zdnet.com/	1969-12-31 23:59:59	Name: viewGuid Value: 8cda53b3-960b-4a55-821b-4e2aee5c6414
www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites	1969-12-31 23:59:59	Name: zdnet_ad Value: %7B%22type%22%3A%22gpt%22%2C%22region%22%3A%22uk%22%2C%22subses%22%3A%221%22%2C%22session%22%3A%22d%22%7D
.zdnet.com/	1970-01-19 20:19:34	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Sat+Aug+08+2020+00%3A16%3A23+GMT%2B0200+(Central+European+Summer+Time)&version=6.4.0&hosts=&consentId=abef58d6-4900-4aca-bace-5e0d7e050b8a&interactionCount=0&landingPath=https%3A%2F%2Fwww.zdnet.com%2Farticle%2Fmagecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
.zdnet.com/	1969-12-31 23:59:59	Name: fly_default_edition Value: eu
.zdnet.com/	1970-01-19 11:44:03	Name: fly_device Value: desktop
.zdnet.com/	1970-01-19 11:44:03	Name: fly_geo Value: {"countryCode": "de"}
.zdnet.com/	1970-01-19 11:44:03	Name: RT Value: "z=1&dm=zdnet.com&si=3b136a60-3dcf-4200-b8f5-3a6e8d2e6c65&ss=kdksgo5x&sl=1&tt=w2&bcn=%2F%2F6852bd11.akstat.io%2F&ld=w7"
www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites	1969-12-31 23:59:59	Name: _BB.bs Value: \|
.zdnet.com/	1970-01-19 12:17:10	Name: arrowImpCnt Value: 1
www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites	1970-01-19 11:34:19	Name: pv Value: 1
.zdnet.com/	1970-01-19 12:17:10	Name: arrowImp Value: true
www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites	1969-12-31 23:59:59	Name: _BB.d Value: \|\|\|

29 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 396) Message: Found registered service worker: [object ServiceWorkerRegistration]
console-api	info	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 381) Message: Registration of service worker /service-worker.js successful with scope:https://www.zdnet.com/
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: _injectQueryStringGCP functional
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_chartbeat_video performance
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_tealium functional
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 94) Message: Loading iframes
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_urban_airship targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_sharebar social
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_taboola targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_async_load targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 239) Message: %c One Trust color:#000;border-radius:3px;background-color:hsl(161, 100%, 94%); Added to Scripts Queue: script_medusa_recommendation targeting
console-api	log	(Line 21) Message: Skybox - ClipCentric ::: creative id = 138318247577, pos = nav
console-api	log	(Line 72) Message: blank creative loaded: 138239344475 (11 x 11, pos=top, slot=sharethrough-top)
console-api	log	URL: https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/(Line 164) Message: Dynamic Showcase Center container ::: creative id = 138247024569
console-api	info	URL: https://cdn.ampproject.org/rtv/012007280015000/amp4ads-v0.js(Line 421) Message: Powered by AMP ⚡ HTML – Version 2007280015000 https://www.zdnet.com/article/magecart-group-uses-homoglyph-attacks-to-fool-you-into-visiting-malicious-websites/
console-api	log	(Line 57) Message: %c CBSi Skybox v2.3.014 background:#0080ff; color:#fff; border-radius:2px;
console-api	log	(Line 114) Message: [s] loaded
console-api	log	(Line 114) Message: [s] collapsed
console-api	log	(Line 114) Message: [s] autoplay blocked
console-api	log	URL: https://rev.cbsi.com/common/js/cbsi_ads_skyboxKit.js(Line 1) Message: %c CBSi Skybox Kit v4.24 background:#369; color:#fff; border-radius:2px;
console-api	log	(Line 114) Message: [s] collapsed
console-api	log	(Line 72) Message: blank creative loaded: 138239375180 (372 x 142, pos=, slot=dynamic_showcase__0)
console-api	log	(Line 72) Message: blank creative loaded: 138239375540 (372 x 142, pos=, slot=dynamic_showcase__1)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' .zdnet.com .ampproject.org *.amp.cloudflare.com; default-src https: blob: 'unsafe-inline' 'unsafe-eval' data:; font-src https: blob: data:; img-src https: data: android-webview-video-poster: blob:; form-action https:; block-all-mixed-content; media-src https: blob: data:;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3dc3f369693701d32057397dbf1d0cd6.safeframe.googlesyndication.com
6852bd11.akstat.io
9c60745ed3b12fc43828a92f65212b2b.safeframe.googlesyndication.com
ad.clipcentric.com
adservice.google.be
adservice.google.com
adservice.google.de
at.cbsi.com
bam.nr-data.net
c.go-mpulse.net
cbsdfp5832910442.s.moatpixel.com
cdn.ampproject.org
cdn.cookielaw.org
clipcentric-a.akamaihd.net
confiant-integrations.global.ssl.fastly.net
geo.moatads.com
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
js-agent.newrelic.com
mb.moatads.com
pagead2.googlesyndication.com
production-cmp.isgprivacy.cbsi.com
px.moatads.com
rev.cbsi.com
s0.2mdn.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
tr.clipcentric.com
urs.zdnet.com
vidtech.cbsinteractive.com
www.google.com
www.googletagservices.com
www.zdnet.com
z.moatads.com
zdnet1.cbsistatic.com
zdnet2.cbsistatic.com
zdnet3.cbsistatic.com
zdnet4.cbsistatic.com
104.111.215.35
143.204.201.72
151.101.1.188
151.101.113.194
151.101.114.110
162.247.242.20
2.16.177.50
2.18.235.40
2.21.38.40
216.58.206.2
216.58.212.130
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6814:b844
2a00:1450:4001:800::2004
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:806::2006
2a00:1450:4001:815::2001
2a00:1450:4001:815::2002
2a00:1450:4001:816::2002
2a00:1450:4001:817::2002
2a00:1450:4001:819::2001
2a00:1450:4001:825::2001
2a02:26f0:6c00:19a::11a6
2a04:4e42:1b::444
2a04:4e42:1b::645
3.9.96.171
34.102.213.242
35.177.118.109
52.201.164.192
0025565f0cddfceb7ebdbc4b21d2552c894998e443153f97a6e8b353dfd9bebd
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
067cd2fd3f72ea2ce0db4d57214f569d99a2f6d485098adf28885dd2f2038b56
07b69027231d985f5bdcd4d5a539f120d26003feef6e9dc0a6b77a4b43a9b21f
084582f49b5022596f7258664206ec0d00a03c757bb917450c8b1a369659353f
08a1e2c24c5df6cb5da350e764112cbead1e71770991621d58a93fb5e5f45aeb
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0fc639413ca1e659999eab408cd33d2c5aba61da91dd38783a9d33480eb5db2c
16b0024d58d87c8e947ab32a0cc821c49742f166d16f56841743cb1321e69b19
16ce793a9938ff875a3bfd0f28596e0476c5acafeb9141eeb023fd40b3f9f68b
1724d7fd70903754d6f29172f2ac879dc6dab79df6c4c78ed06f45c0f117e15c
189d15d241774168466b1f5e9bef0f8761a31f4e7bd5f36b8297533d4222d046
1b430195ffa49743b44c19e8ecf3bd9d16e5c740405db78bf4d8c935b63406fd
1c0ccb11374e2374cb7a52c792ffe07d9203d28d4ad97623bcf27bc58d2513f9
1df152c5f79010dd701eceeabbf5fae49f8b375b625f2a5d7f8a8fbe11b92f2b
1f613b5562dc302634a5f6a7d71332f465dfddda62f9068b30f3ccbf8984cfe5
21c9c7889404394d4e4c780022b56b5fa39e83b19c34eb0508561a115a1dcc6a
28a4d9ca7700a593d7b252b8b10f5194d0230474dff2b0209a09ef6238f40901
2a5314e6d3d49f52db2a4e8b2c856d78e9dd363834ea159edd5007c546b091af
2b1068aa007abf0e405b0840844c67718204a0073dc392337d78427a0dba6854
2b526196d510bc11f40effba13f1b9e1792120b1f40b453695e8d7dcc05cf38d
2bf78db102c9d6e84c8e86cd2bd6134383688ae866a991028728b62f482358ab
33d644313c181510047a017300748af9b008505fb90d162487ed63e201bcffff
3460d78ff66d801eb29f743b0f2394724a8ed0d8b3067f528a7aac157f15d161
360bcaf459f5f84a37a75ef8a701027dd3b1c8c282c1a8791165f9df41f11519
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3fe88561aca5dc5f9b8d139823310eb6d6911047267407f8facde07d8cd1b81c
42fc03b5ad585826595d3cec8498bb969bc8ee3d5abebe51653a1d7a4a104b8a
47bc26348c88eb34e7abb0eeed434beb7799a0b6aec1995c155a8901ae7ca664
49083dd79d7aa8f37a213ad1beab345090c4cbff08a528caeb0bd8157f5d8a9a
4c0095b130cbe34de49f5b8daf6e62ce7e54adc527cec608cccd78abe3750278
50174f81ecddf71eca001592cb8a8fa26f2b2c19770990a6a068d2198591e34f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5171f084f7b4d043c8005d4409f79046417315101bb83a3d60e9b6336026fad4
55b746d08f061ee964adb088db7f87a27ee9d5ea58bf6111f082a025942ddfce
57f3f0379ec83f9bed92275bbd303a4eb7eb67a7d6b10599183695173c41a3ec
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d1dc200eea43da1fcbdd99f977309e0004ad62b2d8e774c95275600414638a1
6074986477af6f486e9d72c9a9d8d40a54bf432772187fa2b277e9c9eaf406af
6246b627fe6cf14455aa8ec1cff85c46077a3d1eab4c4f3f2e55831af2fb8f45
62db157eaa6bceff3340e6a6afd290aad70574148dbaa5609c19a26bc0fe84fc
69721aa2f1085046c84d1943a1daa0515be8e2f060c21063024ea117789e425c
6b0ea6d0adea9ff7452ecdbeb8f59534c930f0ffa1f0da85f3a470623118e0cb
6b5478fcbc50ea5b31605f48f46695dccc551f7e157863978da3afdea2a3f37a
6c244b38a3f62fee32b4e6f32a69d40865af2e1f7bc2dd73397b8fd0f96125e7
6c63cc5063ac82d8bbc925f9a31adf3a87f1510c021e0fde51854d60484b5019
7055d45c46091178a8591e3b9b781cbcf8728537c8d3fb24f4adc67b315c707d
71452d872d1aef3958ceb43975d3787338749830a8dc1824ba39edf8c99fb77e
744ae87db00be85a6a482a3e8036f81aafaa7754be29b05a2330d0fbc8fea803
770d5dfb6a1f79b40652f9e05c48413603f9a1a7c96f997eb4d39b07fab84421
7fa1c7b1686f9f116183456c39f7b3ed9cce063cfb428e575fe4a29ae05c4fa6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8cfdb818669c969c956138d8e9d666f7198c1369c03486a846f535f7dc132757
934c7e53aed9ae8ddc106f4d215c94420dcf6d9f75eabaaabd38f2dc5ab4699e
95698b6af45a720fa13415398e77c20504c6ae8bf75e3a462e5aa1f67bc42b11
95783bf43b78701a92daf5ec7268db97c7144599c774821126b8cc5396724bfa
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9666c4b4ff8494ef844a31d46f0e436e10c5914a28dcf78e43f880c7dfcd7c36
9b32fd96ddcb96dd575ef3821533f396a33dcef671cce0573dbe53753c8c49a0
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0aa48808ddef7604ba969db62e4af3a2ba001b7a8751823cf0ab2d430308ea5
a2b547891d584a8bf38396379676d3d59311d5c0ec087c408f009151d21bec94
a70d5b9ad136255942779acf94da5cc72316fde5c10c5e7707d6f1888f43dcb8
a8d173efa6f88e3b2592fe2586d37289e5fffe00ed87e9728d5a0fc82f9709ac
a9d223169bdabbdfe3a3a39ab3597df51b729ec1363270aef238de0595bf3561
aa5740e5dd91661ac0c60b3074143ec1e654ae1f1297ac3d390a3369521d7def
ae407e415a45b6c720d8d61fef8c28756883d0f546a64e7a2969d6174c669951
ae50002108857fc4760f878c17834297141e0715e5513be2c2a9754b56e28a4d
af541c3da7437e04cc6b364df8c496ed3ab7be2e45f2e0283a040a1ceea51173
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4b2d45758098ad4513cbcb4b8d2ea58c84f37ab1642b9aefd81818da523e8c6
bd162f540d2ced39e73b10c5c7d51e84db1b90242419de4ffbe983a3f487affd
bf1325ce561c93e54c85fe261dca05c1d4954f0604daa0cb52742c9ae0adcd0a
c30417ade9612a3d09d816f48c1f1640283658e0787f8c47340b5eb4f722f900
cae6e293bf184d5f9aa3aadb72bb93d74eda524c759687589233c1c8ca03f94a
cd715c0fa7d69e85432e8b08d0a02b9613edf40212cca2040bde31670167638e
ceffb891c3e1891757ead2e7e41497adc13abca0d14d7f58d20e3aa8d5aee108
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
d165f84e466f4d1c4e4840e7bddf5e6e0114e114cf2c555078c40719498430dc
d2fe67ecc4354b214728e0a7d75b67536a78f6b575080b589d54a1937fc46b41
d3b542800ef8e1df333b81d7ff9a8dc2764a09a013bc916485d21391257f5be5
d4e6d303036dd6be644751d91dd2f32eb46246305000f84381851a54e7a8b294
dd97ee88cf27cd554b45350b00827365f5c1df0e92f7108d8c4bc282f9be5cb9
dfd272053c730cd470302af475eb401d9be41c81f0081c20d7910f6c12732c9d
e0cc0930a1ab7e9ae754783576228f3c32caa07605236711cf81035f3f45f0ea
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f542f904faa40728ec73c89bd88d360cfd49bcd3c08de009bb83a5de1d2c04
e55516d320a925a84246c11ae96b163de908c158d063608e1c2552d58d46354a
e5f1bab62856cb69b0f1d460b43cb4386a7568e6e88f8cf02192ffd2fc2ad0d0
e9cac3eeba1fc86e06fdc013a4c52742e9b4bd14b7be6517321127d4515095ce
ea7373d7059ab32d4304249b48a91311f91d2dce5e1ebf10450f33f9a8c5f5ec
ebfd6cf3438fa94e034b9a351ef06363ddcf3da9245e5f624c42c040495a1ea4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3e2e0f12c5badfe408d69bf6c0fa9ce6247f9a45c849851a53b8647637cfcd0
f44a1114717d339dae9565b73af58004d4cee95749f24fb666dbcce5f0ee7096
f5ecce10349496978fe9d058a12564e3cb0e48adf3c0e1a7fc57df3e66a78507
fb7a86f12d2f0ac2f4111c147415ab30f9c7d84c5e15faba3875fce7ce590127
fb8dda9221a64450a8195dc4e776a3dcc0770c56bfa05ef2372ca87a0e841d74
ff29991c34535dc315e224625153dcd3a6753a224af31f4fae09b0fcf0cfb98b
ff2ae991ac0efdb5ae8b4428ba8555a0aeb0fd94b8014ce290c484242c524097

www.zdnet.com Open in urlscan Pro 2a04:4e42:1b::444 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

224 Requests

100 %HTTPS

50 %IPv6

23 Domains

39 Subdomains

30 IPs

6 Countries

3802 kBTransfer

10408 kBSize

16 Cookies

35 Outgoing links

Redirected requests

224 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 20 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zdnet.com Open in urlscan Pro
2a04:4e42:1b::444 Public Scan

Screenshot
Live screenshot

Full Image

224
Requests

100 %
HTTPS

50 %
IPv6

23
Domains

39
Subdomains

30
IPs

6
Countries

3802 kB
Transfer

10408 kB
Size

16
Cookies

224 HTTP transactions
20 data transactions