kbim.mcafe.com Open in urlscan Pro
109.74.4.246  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response kbim.mcafe.com/	3 KB 2 KB	505ms 356ms	Document text/html	109.74.4.246 GLESYS-AS
General Check archive.org Show headers Download Go to Full URL http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 109.74.4.246 Stockholm, Sweden, ASN43948 (GLESYS-AS, SE), Reverse DNS 109-74-4-246-static.glesys.net Software Apache/2.4.10 (Debian) / Resource Hash 7ca554f34a1c5f2e04feb03f851b8d0bb3437c317052d8f69d322dbed127f752 Request headers Host kbim.mcafe.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:24 GMT Server Apache/2.4.10 (Debian) Set-Cookie PHPSESSID=mk9mp9ocfpr19il3dbmafi4le1; path=/ Expires Thu, 19 Nov 1981 08:52:00 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma no-cache Vary Accept-Encoding Content-Encoding gzip Content-Length 1340 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	global.css mcafe.com//live/includes/globals/	6 KB 2 KB	180ms 31ms	Stylesheet text/css	109.74.4.246 GLESYS-AS
General Check archive.org Show headers Download Go to Full URL http://mcafe.com//live/includes/globals/global.css Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 109.74.4.246 Stockholm, Sweden, ASN43948 (GLESYS-AS, SE), Reverse DNS 109-74-4-246-static.glesys.net Software Apache/2.4.10 (Debian) / Resource Hash 34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host mcafe.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://kbim.mcafe.com/ Connection keep-alive Cache-Control no-cache Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:25 GMT Content-Encoding gzip Last-Modified Fri, 24 May 2013 09:30:48 GMT Server Apache/2.4.10 (Debian) ETag "1619-4dd73743d6200-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 1353
GET H/1.1	200 OK	style.css mcafe.com//live/templatesdir/styles/Easy_IT/	2 KB 1 KB	179ms 30ms	Stylesheet text/css	109.74.4.246 GLESYS-AS
General Check archive.org Show headers Download Go to Full URL http://mcafe.com//live/templatesdir/styles/Easy_IT/style.css Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 109.74.4.246 Stockholm, Sweden, ASN43948 (GLESYS-AS, SE), Reverse DNS 109-74-4-246-static.glesys.net Software Apache/2.4.10 (Debian) / Resource Hash ba1298ba424cdd79e18d11bf0359116a03a7bce1e6295db3d6a3127f9e635ce5 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host mcafe.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://kbim.mcafe.com/ Connection keep-alive Cache-Control no-cache Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:25 GMT Content-Encoding gzip Last-Modified Thu, 11 May 2017 21:56:56 GMT Server Apache/2.4.10 (Debian) ETag "87f-54f46aada9df0-gzip" Vary Accept-Encoding Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 690
GET H/1.1	200 OK	jquery.js Show response mcafe.com/live/includes//statistics/	54 KB 19 KB	185ms 34ms	Script application/javascript	109.74.4.246 GLESYS-AS
General Check archive.org Show headers Download Go to Full URL http://mcafe.com/live/includes//statistics/jquery.js Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 109.74.4.246 Stockholm, Sweden, ASN43948 (GLESYS-AS, SE), Reverse DNS 109-74-4-246-static.glesys.net Software Apache/2.4.10 (Debian) / Resource Hash 17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host mcafe.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept */* Referer http://kbim.mcafe.com/ Connection keep-alive Cache-Control no-cache Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:25 GMT Content-Encoding gzip Last-Modified Mon, 07 May 2012 12:46:13 GMT Server Apache/2.4.10 (Debian) ETag "d7e8-4bf71a7b96f40-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 19147
GET H/1.1	200 OK	zk22ydhzi Show response retargettracker.com/in/group/	0 258 B	559ms 269ms	Script text/html	192.243.109.106 Conseev LLC
General Check archive.org Show headers Download Go to Full URL http://retargettracker.com/in/group/zk22ydhzi Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 192.243.109.106 Glenview, United States, ASN36454 (CNSV-LLC - Conseev LLC, US), Reverse DNS Software nginx/1.6.2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:03:06 GMT Cache-Control no-cache, private Server nginx/1.6.2 Connection keep-alive Content-Encoding gzip Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	photo.jpeg mcafe.com/live/images/photos/61fcfa61cdeabb8/	18 KB 18 KB	183ms 33ms	Image image/jpeg	109.74.4.246 GLESYS-AS
General Check archive.org Show headers Download Go to Show image Full URL http://mcafe.com/live/images/photos/61fcfa61cdeabb8/photo.jpeg Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 109.74.4.246 Stockholm, Sweden, ASN43948 (GLESYS-AS, SE), Reverse DNS 109-74-4-246-static.glesys.net Software Apache/2.4.10 (Debian) / Resource Hash 4dbc0e6b6b4f97902366ad633b7008456e0b77a7f61c5314e2785450bef04035 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host mcafe.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Accept image/webp,image/apng,image/*,*/*;q=0.8 Referer http://kbim.mcafe.com/ Connection keep-alive Cache-Control no-cache Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:25 GMT Last-Modified Fri, 16 May 2014 07:56:08 GMT Server Apache/2.4.10 (Debian) ETag "48a6-4f97fbf085600" Content-Type image/jpeg Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 18598
GET H/1.1	200 OK	gpt.js Show response www.googletagservices.com/tag/js/	27 KB 10 KB	63ms 41ms	Script text/javascript	2a00:1450:4001:824::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL http://www.googletagservices.com/tag/js/gpt.js Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:824::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 4afaeb690833e804e644cffd2bb61bfa22fada2441c33232d67696dda7c8bea7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Date Thu, 06 Dec 2018 17:00:25 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server sffe ETag "12 / 710 of 1000 / last-modified: 1544111437" Vary Accept-Encoding Content-Type text/javascript Cache-Control private, max-age=900, stale-while-revalidate=3600 Timing-Allow-Origin * Content-Length 9605 X-XSS-Protection 1; mode=block Expires Thu, 06 Dec 2018 17:00:25 GMT
GET S	200	integrator.js Show response adservice.google.de/adsid/	109 B 171 B	17ms 16ms	Script application/javascript	2a00:1450:4001:821::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=kbim.mcafe.com Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:821::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers timing-allow-origin * date Thu, 06 Dec 2018 17:00:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 104 x-xss-protection 1; mode=block
GET S	200	integrator.js Show response adservice.google.com/adsid/	109 B 171 B	16ms 16ms	Script application/javascript	2a00:1450:4001:806::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=kbim.mcafe.com Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers timing-allow-origin * date Thu, 06 Dec 2018 17:00:25 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." status 200 cache-control private, no-cache, no-store content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 104 x-xss-protection 1; mode=block
GET S	200	pubads_impl_277.js Show response securepubads.g.doubleclick.net/gpt/	184 KB 63 KB	41ms 41ms	Script text/javascript	172.217.23.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Requested by Host: www.googletagservices.com URL: http://www.googletagservices.com/tag/js/gpt.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s22-in-f2.1e100.net Software sffe / Resource Hash 9bf3fa92a53ecd66eacbc93b745d721ca9d03bce4c371e43d7022721e038f0d3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 06 Dec 2018 17:00:25 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 03 Dec 2018 15:29:55 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 63903 x-xss-protection 1; mode=block expires Thu, 06 Dec 2018 17:00:25 GMT
GET S	200	ads Show response securepubads.g.doubleclick.net/gampad/	33 KB 6 KB	61ms 60ms	XHR text/javascript	172.217.23.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1916421769714589&correlator=435125162569359&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062069%2C21062819&vrg=277&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=0&sfv=1-0-31&iu_parts=40173864%2CPT_parking%2CMT_parking&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=980x240%2C300x250%7C320x320&prev_scp=Park%3DIT%7CPark%3DIT&cookie_enabled=1&bc=7&abxe=1&lmt=1544115625&dt=1544115625333&dlt=1544115624928&idt=377&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C-9&adys=0%2C-9&adks=3476279294%2C2678141265&ucis=1%7C2&gut=v2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=http%3A%2F%2Fkbim.mcafe.com%2F&dssz=10&icsg=2216&std=0&vis=1&scr_x=0&scr_y=0&psz=1585x240%7C0x0&msz=980x-1%7C0x0&ga_vid=235973299.1544115625&ga_sid=1544115625&ga_hid=973777731&fws=4%2C2 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s22-in-f2.1e100.net Software cafe / Resource Hash 1d97e6854f50a42b3685446a64997027782fa516ddb1fbe565f45bfdc7369ff1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Referer http://kbim.mcafe.com/ Origin http://kbim.mcafe.com Response headers date Thu, 06 Dec 2018 17:00:25 GMT content-encoding gzip x-content-type-options nosniff google-mediationgroup-id -2,-2 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 content-disposition attachment; filename="f.txt" alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 6237 x-xss-protection 1; mode=block google-lineitem-id 113711504,115433024 pragma no-cache server cafe google-mediationtag-id -2 google-creative-id 43676217104,138234837238 content-type text/javascript; charset=UTF-8 access-control-allow-origin http://kbim.mcafe.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET S	200	pubads_impl_rendering_277.js Show response securepubads.g.doubleclick.net/gpt/	62 KB 24 KB	40ms 40ms	Script text/javascript	172.217.23.162 Google LLC
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_277.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s22-in-f2.1e100.net Software sffe / Resource Hash 17a199c2500a333bd801a2b41f017f1e026c67f0e498ded7a2cb8a14bcbe8940 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Thu, 06 Dec 2018 17:00:25 GMT content-encoding gzip x-content-type-options nosniff last-modified Mon, 03 Dec 2018 15:29:55 GMT server sffe vary Accept-Encoding content-type text/javascript status 200 cache-control private, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 24102 x-xss-protection 1; mode=block expires Thu, 06 Dec 2018 17:00:25 GMT
GET H/1.1	200 OK	container.html tpc.googlesyndication.com/safeframe/1-0-31/html/	0 0	11ms 6ms	Other text/html	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL http://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Protocol HTTP/1.1 Server 2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Resource Hash Request headers Purpose prefetch Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers
GET S	200	amp4ads-host-v0.js Show response cdn.ampproject.org/rtv/011811091519050/	19 KB 8 KB	42ms 7ms	Script text/javascript	2a00:1450:4001:825::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011811091519050/amp4ads-host-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 9a25c86a17b9608113ce87e156ffe2637e87ac72ec352807708ad11b92bc63c1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding gzip x-content-type-options nosniff age 1895519 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 7680 x-xss-protection 1; mode=block server sffe date Wed, 14 Nov 2018 18:28:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "7870f8f5bb5e1dfb" accept-ranges bytes timing-allow-origin * expires Thu, 14 Nov 2019 18:28:26 GMT
GET S	200	amp4ads-v0.js Show response cdn.ampproject.org/rtv/011811091519050/ Frame E519	266 KB 85 KB	44ms 15ms	Script text/javascript	2a00:1450:4001:825::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_277.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash cde45bf39d2c742ada11e643e17633f131b30692be952fed8ba8656fcb2a8f5e Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding gzip x-content-type-options nosniff age 28515 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 86483 x-xss-protection 1; mode=block server sffe date Thu, 06 Dec 2018 09:05:10 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "aab7bd24599cd6a4" accept-ranges bytes timing-allow-origin * expires Fri, 06 Dec 2019 09:05:10 GMT
GET S	200	amp-analytics-0.1.js Show response cdn.ampproject.org/rtv/011811091519050/v0/ Frame E519	127 KB 40 KB	37ms 8ms	Script text/javascript	2a00:1450:4001:825::2001 Google LLC
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/011811091519050/v0/amp-analytics-0.1.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_277.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:825::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash 3a199617a5ff071b94b8b41c86337766b1aabee24b3e17784fb463e493b361f1 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp content-encoding gzip x-content-type-options nosniff age 28512 status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 40871 x-xss-protection 1; mode=block server sffe date Thu, 06 Dec 2018 09:05:13 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/javascript access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "817479b66f4f95f8" accept-ranges bytes timing-allow-origin * expires Fri, 06 Dec 2019 09:05:13 GMT
GET DATA	200 OK	truncated / Frame E519	211 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9eb8fbd337c0ee457b4aee36983154021eb7a64ced1adb3a47382cc4512e6b6a Request headers Response headers Access-Control-Allow-Origin * Content-Type image/png
GET H/1.1	200 OK	osd.js Show response pagead2.googlesyndication.com/pagead/	72 KB 27 KB	6ms 6ms	Script text/javascript	2a00:1450:4001:81c::2002 Google LLC
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/osd.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_277.js Protocol HTTP/1.1 Server 2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash 2baebc7272b93d242f46f51aee7e17e254fa369018506363052b6e19152fda0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers Timing-Allow-Origin * Date Thu, 06 Dec 2018 16:31:39 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe Age 1726 ETag 7727735366557445198 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control public, max-age=3600 Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 26732 X-XSS-Protection 1; mode=block Expires Thu, 06 Dec 2018 17:31:39 GMT
GET S	200	17009398009751403951 tpc.googlesyndication.com/simgad/ Frame E519	12 KB 12 KB	7ms 6ms	Image image/png	2a00:1450:4001:81f::2001 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/17009398009751403951 Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:81f::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software sffe / Resource Hash d5824e846bf5dd85f19d1467406d150aebb387168714bec2c88456396dc83e12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers date Tue, 27 Nov 2018 20:30:07 GMT x-content-type-options nosniff age 765018 x-dns-prefetch-control off status 200 alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 12459 x-xss-protection 1; mode=block last-modified Fri, 16 Jan 2015 12:39:09 GMT server sffe content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 27 Nov 2019 20:30:07 GMT
GET S	200	view securepubads.g.doubleclick.net/pcs/ Frame E519	0 244 B	22ms 21ms	Image image/gif	172.217.23.162 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuopM8NO6pVRLPZBwcRTBVAMxutGNGqLxQVRNAhBAi8bgUzHbxQhX7eE1WjxGP0TbwQFcJwcDeBAR6wq1t2LyL4VEceqVPT5VhNjbJIFCULMfSNDBAly27v6NowrWzt1SuqWDuzoVr2TVJtbCXfc9OimAPuDPyEtLYKWHkmaRqxIbFGNdPBteeX8uOVd1SXJREstM31HuU35QwRAZHEk7F0X2d-18QdS9hRU85na3S8Y64g721zaG2P&sai=AMfl-YTCLJGaW91GCENjSfqUAyQVnn1oy8uXL0h7cbFSfz_v1jOTHSyf79JP_Tcb-ZxaYlWgv4lTrlxUk5SjhyfnEBppEOxpMGDYRUhDyUNfTA&sig=Cg0ArKJSzKYAp94N9_JQEAE&adurl= Requested by Host: kbim.mcafe.com URL: http://kbim.mcafe.com/ Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 172.217.23.162 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS fra15s22-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers timing-allow-origin * date Thu, 06 Dec 2018 17:00:25 GMT x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" status 200 cache-control private content-type image/gif alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 0 x-xss-protection 1; mode=block expires Thu, 06 Dec 2018 17:00:25 GMT
GET S	200	activeview pagead2.googlesyndication.com/pcs/ Frame E519	42 B 110 B	26ms 25ms	Image image/gif	2a00:1450:4001:819::2002 Google LLC
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSfx9k0JcitEgU8H8nCfY92-5BCkrc5cWjf-xPWPJ8f-me2opYxsRy0Hya9zSA5RF5949UTLblCHCRQMG9qfMpYiEAPcMntjaTqIM&sig=Cg0ArKJSzEJMxV-05lTkEAE&id=ampim&o=0,0&d=980,240&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=53&tls=1053&g=100&h=100&pt=27&tt=1053&rpt=27&rst=1544115625324&r=v&adk=3476279294&avms=ampa Protocol SPDY Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://kbim.mcafe.com/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Response headers pragma no-cache date Thu, 06 Dec 2018 17:00:26 GMT x-content-type-options nosniff server cafe timing-allow-origin * status 200 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate content-type image/gif alt-svc quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39,35",quic=":443"; ma=2592000; v="44,43,39,35" content-length 42 x-xss-protection 1; mode=block expires Fri, 01 Jan 1990 00:00:00 GMT
POST S	200	r Show response amp-error-reporting.appspot.com/ Frame E519	2 B 155 B	141ms 112ms	XHR text/plain	2a00:1450:4001:825::2014 Google LLC
General Check archive.org Show headers Download Go to Full URL https://amp-error-reporting.appspot.com/r Requested by Host: cdn.ampproject.org URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js Protocol SPDY Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a00:1450:4001:825::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US), Reverse DNS Software / Express Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Request headers Referer http://kbim.mcafe.com/ Origin http://kbim.mcafe.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 06 Dec 2018 17:00:26 GMT via 1.1 google x-powered-by Express status 200 content-type text/plain; charset=utf-8 access-control-allow-origin * alt-svc quic=":443"; ma=2592000; v="44,43,39,35" content-length 2

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| selectText object| googletag object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| GPT_jstiming object| google_reactive_ads_global_state undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| gaGlobal function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mcafe.com/	1970-01-19 14:26:27	Name: __gads Value: ID=b7ec039d88522a8a:T=1544115625:S=ALNI_MZ0tGI9UWWgaL1yOZdd-VHpksfe3g
			kbim.mcafe.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: mk9mp9ocfpr19il3dbmafi4le1

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 546) Message: Powered by AMP ⚡ HTML – Version 1811091519050
console-api	error	URL: https://cdn.ampproject.org/rtv/011811091519050/amp4ads-v0.js(Line 145) Message: localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
amp-error-reporting.appspot.com
cdn.ampproject.org
kbim.mcafe.com
mcafe.com
pagead2.googlesyndication.com
retargettracker.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
109.74.4.246
172.217.23.162
192.243.109.106
2a00:1450:4001:806::2002
2a00:1450:4001:819::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:81f::2001
2a00:1450:4001:821::2002
2a00:1450:4001:824::2002
2a00:1450:4001:825::2001
2a00:1450:4001:825::2014
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
17a199c2500a333bd801a2b41f017f1e026c67f0e498ded7a2cb8a14bcbe8940
17ec1f16efac893b9bd89bba5f13cb1e0bf938bdc9cece6cae3ed77f18fa6fd7
1d97e6854f50a42b3685446a64997027782fa516ddb1fbe565f45bfdc7369ff1
2baebc7272b93d242f46f51aee7e17e254fa369018506363052b6e19152fda0c
34feaf7e01faa96a3c76b30c9baa57c9c0d22b62e05c5d96556c6aebe43fc999
3a199617a5ff071b94b8b41c86337766b1aabee24b3e17784fb463e493b361f1
4afaeb690833e804e644cffd2bb61bfa22fada2441c33232d67696dda7c8bea7
4dbc0e6b6b4f97902366ad633b7008456e0b77a7f61c5314e2785450bef04035
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
7ca554f34a1c5f2e04feb03f851b8d0bb3437c317052d8f69d322dbed127f752
9a25c86a17b9608113ce87e156ffe2637e87ac72ec352807708ad11b92bc63c1
9bf3fa92a53ecd66eacbc93b745d721ca9d03bce4c371e43d7022721e038f0d3
9eb8fbd337c0ee457b4aee36983154021eb7a64ced1adb3a47382cc4512e6b6a
ba1298ba424cdd79e18d11bf0359116a03a7bce1e6295db3d6a3127f9e635ce5
cde45bf39d2c742ada11e643e17633f131b30692be952fed8ba8656fcb2a8f5e
d5824e846bf5dd85f19d1467406d150aebb387168714bec2c88456396dc83e12
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629