www.eweek.com Open in urlscan Pro
23.37.42.150 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
Effective URL:
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Submission: On September 22 via api (September 22nd 2020, 10:44:52 pm UTC) from US

Summary HTTP 165 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 34 domains to perform 165 HTTP transactions. The main IP is 23.37.42.150, located in Netherlands and belongs to AKAMAI-AS, US. The main domain is www.eweek.com.
TLS certificate: Issued by GeoTrust RSA CA 2018 on September 7th 2020. Valid for: 3 months.

This is the only time www.eweek.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 53	23.37.42.150 23.37.42.150	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
2 7	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81f::200e	15169 (GOOGLE) (GOOGLE)
2 2	2.16.177.56 2.16.177.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2.16.177.49 2.16.177.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	52.214.212.174 52.214.212.174	16509 (AMAZON-02) (AMAZON-02)
3	136.243.63.184 136.243.63.184	24940 (HETZNER-AS) (HETZNER-AS)
11	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
4	104.111.252.228 104.111.252.228	16625 (AKAMAI-AS) (AKAMAI-AS)
2	151.101.14.133 151.101.14.133	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:820::200e	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1 1	2600:9000:205... 2600:9000:2057:4400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 4	54.153.50.250 54.153.50.250	16509 (AMAZON-02) (AMAZON-02)
7	52.45.148.44 52.45.148.44	14618 (AMAZON-AES) (AMAZON-AES)
4	34.253.48.240 34.253.48.240	16509 (AMAZON-02) (AMAZON-02)
2	104.111.250.210 104.111.250.210	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:6c0... 2a02:26f0:6c00::210:baa3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
2	207.189.124.19 207.189.124.19	393648 (ACTON-SOF...) (ACTON-SOFTWARE)
1	23.111.9.64 23.111.9.64	33438 (HIGHWINDS2) (HIGHWINDS2)
2	13.224.193.72 13.224.193.72	16509 (AMAZON-02) (AMAZON-02)
1	34.249.122.179 34.249.122.179	16509 (AMAZON-02) (AMAZON-02)
1 1	18.133.35.94 18.133.35.94	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	70.42.23.90 70.42.23.90	25878 (QNST-DC01) (QNST-DC01)
1	2600:9000:20e... 2600:9000:20e8:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	54.175.222.188 54.175.222.188	14618 (AMAZON-AES) (AMAZON-AES)
1	192.28.144.124 192.28.144.124	15224 (OMNITURE) (OMNITURE)
1 1	2600:1f18:730... 2600:1f18:730:b110:b216:4622:d058:b1a9	14618 (AMAZON-AES) (AMAZON-AES)
1	35.171.210.100 35.171.210.100	14618 (AMAZON-AES) (AMAZON-AES)
1	54.82.222.91 54.82.222.91	14618 (AMAZON-AES) (AMAZON-AES)
165	38

53 23.37.42.150 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-150.deploy.static.akamaitechnologies.com

www.eweek.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cse.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.177.56 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-56.deploy.static.akamaitechnologies.com

ntvcld-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.177.49 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-177-49.deploy.static.akamaitechnologies.com

ntvaim-a.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.212.174 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-212-174.eu-west-1.compute.amazonaws.com

addevent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 136.243.63.184 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: xip08.oneall.com

eweekcom.api.oneall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.111.252.228 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-252-228.deploy.static.akamaitechnologies.com

c.evidon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.14.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:4400:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.153.50.250 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-50-250.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.45.148.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-148-44.compute-1.amazonaws.com

tatestdrive.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.253.48.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-48-240.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.250.210 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-250-210.deploy.static.akamaitechnologies.com

munchkin.marketo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:baa3 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.19 (United States)

ASN393648 (ACTON-SOFTWARE, US)

marketing.technologyadvice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.111.9.64 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

scout-cdn.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.193.72 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-72.fra2.r.cloudfront.net

js.driftt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.122.179 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.133.35.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-35-94.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.240 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.23.90 (United States)

ASN25878 (QNST-DC01, US)

qls.qsstats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.175.222.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-222-188.compute-1.amazonaws.com

scout.salesloft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.28.144.124 (United States)

ASN15224 (OMNITURE, US)

949-nym-063.mktoresp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b110:b216:4622:d058:b1a9 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.210.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-210-100.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.82.222.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-222-91.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	eweek.com 2 redirects www.eweek.com	1 MB
20	googlesyndication.com 901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	283 KB
12	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	129 KB
10	google.com 2 redirects www.google.com cse.google.com adservice.google.com	5 KB
9	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	100 KB
7	blueconic.net tatestdrive.blueconic.net	125 KB
5	liadm.com 1 redirects b-code.liadm.com rp.liadm.com rp4.liadm.com i.liadm.com	14 KB
5	googletagservices.com www.googletagservices.com	141 KB
4	postrelease.com jadserve.postrelease.com Failed	2 KB
4	evidon.com c.evidon.com	15 KB
3	salesloft.com scout-cdn.salesloft.com scout.salesloft.com	4 KB
3	oneall.com eweekcom.api.oneall.com	15 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	driftt.com js.driftt.com	45 KB
2	technologyadvice.com marketing.technologyadvice.com	6 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	8 KB
2	marketo.net munchkin.marketo.net	7 KB
2	moatads.com z.moatads.com s-jsonp.moatads.com	56 KB
2	twitter.com platform.twitter.com	29 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	akamaized.net ntvaim-a.akamaized.net	27 KB
2	akamaihd.net 2 redirects ntvcld-a.akamaihd.net	674 B
1	mktoresp.com 949-nym-063.mktoresp.com	311 B
1	quantcount.com rules.quantcount.com	355 B
1	agkn.com 1 redirects aa.agkn.com	384 B
1	ml314.com ml314.com	517 B
1	facebook.com www.facebook.com	889 B
1	imrworldwide.com 1 redirects secure-gl.imrworldwide.com	956 B
1	google.ch adservice.google.ch	890 B
1	googleapis.com fonts.googleapis.com	1 KB
1	qsstats.com www.qsstats.com Failed qls.qsstats.com	346 B
1	addevent.com addevent.com	8 KB
1	ntv.io s.ntv.io	98 KB
0	google.de Failed www.google.de Failed
165	34

	Domain	Requested by
53	www.eweek.com	2 redirects www.eweek.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
11	securepubads.g.doubleclick.net	www.eweek.com securepubads.g.doubleclick.net
7	tatestdrive.blueconic.net	www.eweek.com tatestdrive.blueconic.net
7	www.google.com	2 redirects www.eweek.com securepubads.g.doubleclick.net
5	www.googletagservices.com	securepubads.g.doubleclick.net
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net
4	beacon.krxd.net	cdn.krxd.net
4	jadserve.postrelease.com	www.eweek.com
4	c.evidon.com	www.eweek.com c.evidon.com
3	cdn.krxd.net	www.eweek.com cdn.krxd.net
3	eweekcom.api.oneall.com	www.eweek.com eweekcom.api.oneall.com
2	scout.salesloft.com	scout-cdn.salesloft.com
2	secure.adnxs.com	1 redirects
2	js.driftt.com	www.eweek.com js.driftt.com
2	marketing.technologyadvice.com	www.eweek.com
2	b-code.liadm.com	cdn.krxd.net b-code.liadm.com
2	munchkin.marketo.net	www.eweek.com munchkin.marketo.net
2	consumer.krxd.net	cdn.krxd.net
2	platform.twitter.com	www.eweek.com platform.twitter.com
2	www.google-analytics.com	www.eweek.com www.google-analytics.com
2	ntvaim-a.akamaized.net	www.eweek.com
2	ntvcld-a.akamaihd.net	2 redirects
2	cse.google.com	www.eweek.com
1	i.liadm.com	b-code.liadm.com
1	pixel.quantserve.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	949-nym-063.mktoresp.com	munchkin.marketo.net
1	rules.quantcount.com	secure.quantserve.com
1	qls.qsstats.com	www.eweek.com
1	aa.agkn.com	1 redirects
1	ml314.com
1	scout-cdn.salesloft.com	www.eweek.com
1	secure.quantserve.com	www.eweek.com
1	www.facebook.com	www.eweek.com
1	secure-gl.imrworldwide.com	1 redirects
1	901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ch	securepubads.g.doubleclick.net
1	s-jsonp.moatads.com	www.eweek.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	www.eweek.com
1	z.moatads.com	s.ntv.io
1	addevent.com	www.eweek.com
1	s.ntv.io	www.eweek.com
0	www.google.de Failed	www.eweek.com
0	www.qsstats.com Failed	www.eweek.com
165	48

This site contains links to these domains. Also see Links.

Domain
twitter.com
www.facebook.com
www.linkedin.com
www.youtube.com
www.mcafee.com
blogs.mcafee.com
www.onelogin.com
technologyadvice.com
www.esecurityplanet.com
www.itbusinessedge.com
www.developer.com
www.enterprisestorageforum.com
www.serverwatch.com
www.datamation.com

Subject Issuer	Validity	Valid
www.quinstreet.com GeoTrust RSA CA 2018	`2020-09-07` - `2020-12-16`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
addevent.com Amazon	`2020-03-13` - `2021-04-13`	a year	crt.sh
*.api.oneall.com Sectigo RSA Domain Validation Secure Server CA	`2019-07-29` - `2021-07-30`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.evidon.com DigiCert Secure Site ECC CA-1	`2020-04-29` - `2021-07-29`	a year	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-09-14` - `2021-09-14`	a year	crt.sh
*.google.ch GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-09-11` - `2020-12-10`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2 years	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh
*.marketo.net DigiCert SHA2 Secure Server CA	`2020-03-14` - `2021-04-13`	a year	crt.sh
b-code.liadm.com DigiCert Secure Site ECC CA-1	`2020-06-23` - `2021-09-22`	a year	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
marketing.technologyadvice.com Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh
salesloft.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-23` - `2021-03-23`	a year	crt.sh
drift.com Amazon	`2020-09-21` - `2021-10-23`	a year	crt.sh
*.ml314.com Amazon	`2020-02-17` - `2021-03-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
qls.qsstats.com DigiCert SHA2 Secure Server CA	`2019-02-20` - `2021-04-21`	2 years	crt.sh
*.mktoresp.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2022-01-21`	2 years	crt.sh
*.liadm.com Amazon	`2020-01-17` - `2021-02-17`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Frame ID: 9236570155321FEC7AC9FBB971901D8E
Requests: 129 HTTP requests in this frame

Frame: https://www.eweek.com/imageserver/common/sg/1.0/sg.min.js
Frame ID: B67DA18CE29BE66C66C85CC9CEC97C2D
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.eweek.com
Frame ID: 4711E876FE8EE251639FCF14DC47D0CA
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 82FEDFF7559069C627144AC32B9D213D
Requests: 1 HTTP requests in this frame

Frame: https://eweekcom.api.oneall.com/socialize/loudvoice/discussion/?args=%7B%22placeholder_start_discussion%22%3A%22%40%22%2C%22placeholder_leave_comment%22%3A%22%40%22%2C%22iframeid%22%3A%22oa_loudvoice_frame_107505%22%2C%22providers%22%3A%5B%22facebook%22%2C%22google%22%2C%22linkedin%22%5D%2C%22page_title%22%3A%22McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22author_session_token%22%3A%22%22%2C%22parent_uri%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22comment_depth%22%3A%5B5%2C3%5D%2C%22comment_direction%22%3A%22%22%2C%22custom_css_uri%22%3A%22%22%2C%22offset_top%22%3A0%2C%22enable_editor%22%3Afalse%2C%22render_collapsed%22%3Afalse%2C%22reference%22%3A%22%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22id%22%3A107505%7D&lang=en
Frame ID: 05AC9499DEC2AE1E1E98C8977DFA2183
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRdecxe3lN24elU5mUPBn7zGwltsUU3ydNHEKmWsWCvRMk8kOc3GYIyrPW9ReTzWEmBA-3wTTmak1adh-wsE4obFyI-DUjaC46XdOqGX962VLa8FslOLpvfnvdInBYsjqeVQUuxXvCFLYYjsdYnjKnqYqpyflINXJ3ljKjrIuBdDViAOFg1n0xxyz_fx_b1Rusc5vBY0SkYwm8w4JjmphkDqs173AsrUV94QRvhPcT44ZKMmHDfDLatUi90bIbb2NL2nkI__WIxKEmwQ&sai=AMfl-YRJzYqM9cj5DT8TdD0ocwp9c-wQxj32-2nQkgDV91NjD8owLRJJD-cO802K3EP0oOO1JtQo8BLGCbI3QpKTdkdVWO9UXhNv7vmCb6zelFgZI71z95FnNTkhh4liYXo&sig=Cg0ArKJSzC9F3_4cL7-qEAE&adurl=
Frame ID: A982341B6142C9DC49538786DDA452F7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuicVY0I2gkB50eT3zJ0qz-cmessul0EtHWkEZzb9Oeg0hxFoe_E7MlRcOkwZHVnBoO4kLMy7GJbEWuh2xCTmSct0Kly60cxHyn4s6LjcuEsZ8iX2wMQqYvaeEsfPT3sYDG3Y_Wy5CygQlWNQOk8G4thvZTskQ7f7J67B54uqLdtbxfh3-0enqvFx0Dj1YNcBh4ZqGhxLMlOb-ipuldDZz8NWbwaqdCOy_jVYqQx4I1T9oRfJi0XN5ksALKa1hnmxiXXPw0HIcKlPaXKw&sai=AMfl-YQ-xMX3O1dNJuwfPh_NDTI4hl5zPUaCmXmzMxtf8I_AKrXjpUo0jIidNdA6S0sR9YckGvbd8zpEETk2G3eUpI7MFBobuCD1i1HCnfNuA9yHZj2TLfg5fIdhVbvmKms&sig=Cg0ArKJSzMUhxUp7gES_EAE&adurl=
Frame ID: 3FC9A21E0EA4E6B1F44D8E7BB2AD9768
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkg4BX6RCtAX6l4QdRq0ES3TFR7AAy1OG4e30QJLyiSi9zhyK_EGVpyPrPQUwodvAmp5oL_hCvU9tGTo3c73qORkFmaDyN5hjJ1-14ZH9aaqOTY4zOjcbGxgaUSbbMc_1ZRiCYaZ_V52BEsvQdFo3OKHkhOdxNsZGbXJz1ZiDmKy-O07MVZeiB44Oy58vfmUJsRdiF81FxlXf-UixEQ90k1CFZxw_WrLgWLwSknA-cSG3QNHGQq_I49h7-poPOtjIgKZWXc0Yjz39M&sai=AMfl-YRAX-UR2tlumSUtPeWEphCNuCy78pgMxYwA5k9_FvP8SdpC7554rIFZcXYXNsf_IPc6dbEeKcbTnPHAG1SZ39RpZg_uczo7IiJVkgme2oMlKnB6nH7RG0yBr_RsuUY&sig=Cg0ArKJSzOjgAlqG9bJlEAE&adurl=
Frame ID: 31A390B89E5E3C275BBB19DCD8C4C90C
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstStDxwehiR4joBtaLH-nes9F0tA9AR8jFcc2HhhwaS4b74by2gDFI_tBN2MSx0zPXRttxQNNCDvukT9hbOPfX2fvB5kVwCnzxfSjZTgVPrPWBgCcINxtlWTdCbvyTOOqUKiPDg8tslyjD1i8Nt3EXYxUwpjqtOaq6uhFqsztW-Y3SAwPmb9vXS7T2uehZA7MICRw3U6xCBEWnOCwnbQuibgFoxMuDBGfDl5lAQzXaneUceTF7ezBuk7h1wI_rO5yI53yQ1G1QLIDWK&sai=AMfl-YRDHkNHk2oCSDBvVf9FTiqeBtq1VSbkTDSDfcXzafLrb7EHA8YiXyhhcuFrbMMMqQpiSpDCPVbvMVGKdcdteJy8fGXUGhZ4BkgCQXGmS0txHhI1JZHttMb7hql_Qaw&sig=Cg0ArKJSzLRbigxvHYp-EAE&adurl=
Frame ID: C218B57BBE01605C9930C309CF122011
Requests: 8 HTTP requests in this frame

Frame: https://js.driftt.com/deploy/assets/index.html
Frame ID: 315963E2FAA7F7EF6377A46BEC8EFC88
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E0E0C59F72C6D0BD89BB972E0D49C5F1
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01eo?s=&cim=&ps=true&ls=true&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 439CA580A0D67EB2DA2144159193FCEE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-... HTTP 301
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-... HTTP 302
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective HTTP 307
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

Page Statistics

165
Requests

94 %
HTTPS

37 %
IPv6

34
Domains

48
Subdomains

38
IPs

6
Countries

2658 kB
Transfer

5571 kB
Size

21
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/eWEEKNews
Title:

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/eWEEK/49650732622
Title:

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/eweek-washington-bureau?trk=company_name
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/eweeknews
Title:

Search URL Search Domain Scan URL

URL: http://www.mcafee.com/us/resources/white-papers/wp-global-energy-cyberattacks-night-dragon.pdf
Title: dubbed "Night Dragon" (PDF),

Search URL Search Domain Scan URL

URL: http://blogs.mcafee.com/corporate/cto/global-energy-industry-hit-in-night-dragon-attacks
Title: George Kurtz blogged

Search URL Search Domain Scan URL

URL: https://www.onelogin.com/events/connect/connect-2020?utm_medium=display&utm_source=techadvicecpc&utm_campaign=connect2020_noam
Title: Sponsored Content

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/erp/?utm_source=technologyadvice&utm_medium=native&utm_term=buyer&utm_campaign=findtopratederpsoftware
Title: Sponsored Content

Search URL Search Domain Scan URL

URL: https://www.esecurityplanet.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.itbusinessedge.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.developer.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.enterprisestorageforum.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.serverwatch.com/
Title:

Search URL Search Domain Scan URL

URL: https://www.datamation.com/
Title:

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/terms-conditions/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/privacy-policy/
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/programs/digital-advertising-solutions/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://technologyadvice.com/privacy-policy/ccpa-opt-out-form
Title: California - Do Not Sell My Info

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870 HTTP 301
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870 HTTP 302
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective HTTP 307
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://www.google.com/coop/cse/brand?form=cse-search-box&lang= HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

Request Chain 8

https://www.google.com/coop/cse/brand?form=cse-search-box-footer&lang= HTTP 302
https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

Request Chain 9

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png HTTP 302
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png

Request Chain 10

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg HTTP 302
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg

Request Chain 90

https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_7GD8k&cr=crv3966877&pc=b-11238-www.nativo.com&r=1600814663098 HTTP 302
https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200922&imp=1&h=d42dd3447f&rnd=1600814663

Request Chain 132

https://jadserve.postrelease.com/ce.gif?do=gci&fpd=www.eweek.com&ntv_it HTTP 302
https://www.eweek.com/ntv-ce-sync/454285540/?id=8146aea9-8f12-4090-8fb5-f5ddb7dc9024&o=0&s=0&do=syn

Request Chain 140

https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e HTTP 302
https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=

Request Chain 141

https://secure.adnxs.com/seg?add=17772711&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

Request Chain 156

https://rp.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&se=e30&dtstmp=1600814664587 HTTP 302
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&se=e30&dtstmp=1600814664587&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

165 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request mcafee-night-dragon-cyber-attack-unsophisticated-but-effective Show response
www.eweek.com/security/
Redirect Chain

http://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
https://www.eweek.com/c/a/Security/McAfee-Night-Dragon-Cyber-Attack-Unsophisticated-But-Effective-303870
http://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

131 KB
27 KB

957ms
956ms

Document
text/html

23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / PHP/5.5.9-1ubuntu4.20

Resource Hash

e85fd001f02b918f34b4e788ed7d934e80c34d80285a00524039331240412fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: www.eweek.com
:scheme: https
:path: /security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=da304ab1d00b1eac6bc5fe187016e86091600814660; WMUUID=X2p@RcEDS7zaYBhNJCWu1AAAAB8; DC=SFDC; ntv_as_visitor=a80af169-0aed-42ca-87f6-c71146601fc6; ntv_as_status=0; ntv_as_ver=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html; charset=UTF-8
cf-ray: 5d6f8cd2fbb40635-LHR
cache-control: private, max-age=0, no-cache, no-store, must-revalidate, post-check=0, pre-check=0
expires: Mon, 1 Jan 1990 12:00:00 GMT
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
cf-request-id: 05599657d900000635889b9200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pragma: no-cache
x-cache-hits: 2
x-location-id: 1341905
x-ntv-te: 884 c:240 a:477
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
x-powered-by: PHP/5.5.9-1ubuntu4.20
x-ttl: 604800.000
x-varnish: 84027264 83572232
x-vcl-author: Varnish01
server: cloudflare
content-encoding: gzip
content-length: 26275
date: Tue, 22 Sep 2020 22:44:22 GMT
vary: Accept-Encoding
set-cookie: DC=SFDC; path=/;HttpOnly;;SameSite=None;Secure; ntv_as_visitor=a80af169-0aed-42ca-87f6-c71146601fc6; Domain=.eweek.com; Expires=Wed Sep 22 2021 22:44:22 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_as_status=1; Domain=.eweek.com; Expires=Wed Sep 22 2021 22:44:22 GMT+0000 (Coordinated Universal Time); Path=/; Secure; ntv_ce_visitor=90b4d6fe-82a3-4e14-804e-b49b1af271cf; Expires=Sun, 21 Sep 2025 22:44:22 GMT; Domain=.eweek.com; Secure; HttpOnly

Redirect headers

Location: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 338 KB
98 KB 135ms
61ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2e93ce556067b7b36614268b2800f434ec9bf82b67bd11fc4c7153816e2e205d

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:22 GMT
Content-Encoding: gzip
x-amz-request-id: E0C96CA2FB6746C4
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: +LSGAIMH8cbDQyT9XVCzsfUYeZXI8u4jR8InLAPq+f7gmCy+/Lc8pEK9Nt/03yZEU177ioex9/Y=
Last-Modified: Mon, 21 Sep 2020 20:57:45 GMT
Server: AmazonS3
ETag: "d96d442c923523d685302722984e34b0"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 d0d0c8a.css
www.eweek.com/cms/css/ 266 KB
40 KB 38ms
37ms Stylesheet
text/css 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/css/d0d0c8a.css

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

06aabc2e68363052a34bb066da80dbd7b971e3da6cb54306eff4033a7fba9c72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
origin: S_CACHE
cf-cache-status: HIT
cf-ray: 5d6f8cd8be04dff7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
content-length: 40931
cf-request-id: 0559965b710000dff7f6184200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 80764472
cache-control: public, max-age=95
x-vcl-author: Varnish
content-type: text/css
expires: Tue, 22 Sep 2020 22:45:57 GMT

GET
H2 200 834138a.css
www.eweek.com/cms/css/ 22 KB
5 KB 47ms
46ms Stylesheet
text/css 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/css/834138a.css

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

357aa475a6a8f7ceffec431a71a1f786def9cdbde965856ed45f33dbe26fd1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d6e9f4afdfd2c36-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 1:02:12 PM
x-cache-hits: 2
content-length: 4434
cf-request-id: 055901e2dc00002c362ea0a200000001
x-ntv-te: 625 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 83797772 81656147
cache-control: public, max-age=76684
content-type: text/css
expires: Wed, 23 Sep 2020 20:02:26 GMT

GET
H2 200 b862975.js Show response
www.eweek.com/cms/js/ 2 KB
1 KB 47ms
46ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/b862975.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

da2a886af209510dc91dcf9567dba3c2bf1e39c7891346419f11e513823594cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d6f8beb4a912c56-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:43:44 PM
x-cache-hits: 3
content-length: 805
cf-request-id: 055995c70e00002c569692b200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 387104820 383965795
cache-control: public, max-age=17
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:39 GMT

GET
H2 200 b707007.js Show response
www.eweek.com/cms/js/ 3 KB
1 KB 47ms
47ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/b707007.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ba7aa3f06edc17169cb0c6a4aad2eeab13cdad5a1cc6867a47d3cba6de6bc363

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d6f5d6139522bc6-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:11:58 PM
x-cache-hits: 2
content-length: 961
cf-request-id: 055978b0c500002bc69a3a8200000001
x-ntv-te: 633 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 84415085 83469532
cache-control: public, max-age=84496
accept-ranges: bytes
content-type: application/javascript
expires: Wed, 23 Sep 2020 22:12:38 GMT

GET
H2 200 logo_eweek.jpg
www.eweek.com/bundles/eweekbase/images/ 6 KB
6 KB 83ms
72ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logo_eweek.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

105b81f0193bd01aa1c9bda24a58047bb59fa1b0f62a154d097744a6deb527f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d55fc0fdf56979c-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:16:28 PM
x-cache-hits: 2
content-length: 5991
cf-request-id: 05499bdde60000979c5e3ab200000001
x-ntv-te: 618 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 77875798 77461554
cache-control: public, max-age=336783
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 26 Sep 2020 20:17:25 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box&lang=
https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

3 KB
2 KB

27ms
5ms

Script
text/javascript

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

ad7de7ea27997bcc80fa05b8d39603a51ad4b86ae222074e6f58728a665c061c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:36:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 499
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1179
x-xss-protection: 0
expires: Tue, 22 Sep 2020 23:06:03 GMT

Redirect headers

date: Tue, 22 Sep 2020 22:44:22 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box&lang=
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0

GET
H2 200 sg.min.js Show response
www.eweek.com/imageserver/common/sg/1.0/ Frame B67D 48 KB
15 KB 63ms
63ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/imageserver/common/sg/1.0/sg.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

83758d2cb76db5959d56d92fc255a576142e71bd3e58860c101586a631ad7444

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d6f8cd90e49d6b9-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
x-cache-hits: 4
content-length: 15206
cf-request-id: 0559965ba20000d6b9c19d6200000001
x-ntv-te: 5 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 59298307 59816447
cache-control: public, max-age=1
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H2

200

brand Show response
cse.google.com/coop/cse/
Redirect Chain

https://www.google.com/coop/cse/brand?form=cse-search-box-footer&lang=
https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

3 KB
1 KB

28ms
6ms

Script
text/javascript

2a00:1450:4001:81f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

pfe /

Resource Hash

4077cb19b67aedd5a226e7ea3be91669631a13660397e81dc5e4834b3ac440a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:42:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: pfe
age: 128
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: public, max-age=1800
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1185
x-xss-protection: 0
expires: Tue, 22 Sep 2020 23:12:14 GMT

Redirect headers

date: Tue, 22 Sep 2020 22:44:22 GMT
x-content-type-options: nosniff
server: sffe
status: 302
content-type: text/html; charset=UTF-8
location: https://cse.google.com/coop/cse/brand?form=cse-search-box-footer&lang=
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 271
x-xss-protection: 0

GET
H/1.1

200
OK

75CB2C54CC644E5DAEF5788E24AA2C3A.png
ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/
Redirect Chain

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png

16 KB
17 KB

145ms
84ms

Image
image/webp

2.16.177.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.177.49 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-49.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6fa9fdd6f8641bfe232255949322b59f913230c64aedb9415f3738d5c992287f

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:22 GMT
X-Check-Cacheable: YES
X-Serial: 961
ETag: "2a993c46eb5e1ce1831c403772b67763"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=43200
Last-Modified: Tue, 08 Sep 2020 16:39:28 GMT
Connection: keep-alive
Content-Length: 16828
Server: Akamai Image Manager
Expires: Wed, 23 Sep 2020 10:44:22 GMT

Redirect headers

Location: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto,fl_lossy,e_sharpen:70/assets/75CB2C54CC644E5DAEF5788E24AA2C3A.png
Date: Tue, 22 Sep 2020 22:44:22 GMT
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H/1.1

200
OK

4C018C95071E49318E9FB379B93D0225.jpg
ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/
Redirect Chain

https://ntvcld-a.akamaihd.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg
https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg

10 KB
10 KB

146ms
87ms

Image
image/webp

2.16.177.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2.16.177.49 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a2-16-177-49.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 211906850940241b34bbeffcf43af5f8b1b0d176c09a2e7f67f2ce3194680bcf

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:22 GMT
Last-Modified: Mon, 27 Jul 2020 21:30:33 GMT
Server: Akamai Image Manager
ETag: "b6be3d0a5f7d9e2a524c5ced4452a9e3"
Content-Type: image/webp
Cache-Control: private, no-transform, max-age=43200
Connection: keep-alive
Content-Length: 10244
Expires: Wed, 23 Sep 2020 10:44:22 GMT

Redirect headers

Location: https://ntvaim-a.akamaized.net/image/upload/w_480,h_270,c_fill,g_auto:text,f_auto/assets/4C018C95071E49318E9FB379B93D0225.jpg
Date: Tue, 22 Sep 2020 22:44:22 GMT
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 Kubernetes.logo.png
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 12 KB
12 KB 85ms
74ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/Kubernetes.logo.png?alias=slideshow_preview

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

7d4f2837d902141b4eeb9d40f042ae23d33d5d007f29fd85a2cee1c5cc79247d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: MISS
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 12:19:50 PM
content-length: 12289
cf-request-id: 0558db15c000001f5120912200000001
x-ntv-te: 743 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 22 Sep 2020 19:19:35 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d6e61360de61f51-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 icon_social_facebook_blue.png
www.eweek.com/bundles/eweekbase/images/ 353 B
768 B 85ms
75ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/icon_social_facebook_blue.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

b61d7ce88dbb1335d8f4f403de85aae5b66bef71d9377978f59d2f176b8dc66f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d55fdcd6a736491-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:17:40 PM
content-length: 353
cf-request-id: 05499cf46300006491ae9e6200000001
x-ntv-te: 623 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 77181913
cache-control: public, max-age=336775
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:17:17 GMT

GET
H2 200 social_linkedin_blog_connect.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 85ms
75ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_linkedin_blog_connect.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

cd5957cb688ef7b514e3556880a582b9e6488e4945ad601cd4af5d5484715664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d55fdcd6da3c272-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:17:40 PM
content-length: 1404
cf-request-id: 05499cf4620000c2724a316200000001
x-ntv-te: 655 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 77966498
cache-control: public, max-age=336850
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 26 Sep 2020 20:18:32 GMT

GET
H2 200 social_twitter_blog_connect.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
2 KB 85ms
75ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_blog_connect.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ee8c9350f2dc014c1df691ec938fef7918710173eaeee6ecdc82443d3d1bd9a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d55fdcd68a10614-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:17:40 PM
x-cache-hits: 17
content-length: 1729
cf-request-id: 05499cf46200000614858bf200000001
x-ntv-te: 618 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392646108 383686577
cache-control: public, max-age=336818
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 26 Sep 2020 20:18:00 GMT

GET
H2 200 BoxWorks2020-2.png
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 308 KB
309 KB 86ms
76ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/BoxWorks2020-2.png?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

16e652e5898c4aec8274a83c933c9b3c8bfc5c469ddd5b7aa84336fb57e2e4ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: MISS
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 12:19:50 PM
content-length: 315198
cf-request-id: 0558db15a400002bf6a6003200000001
x-ntv-te: 937 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 22 Sep 2020 19:19:36 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d6e6135dc702bf6-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 CP.Zeus.still.JPG
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 289 KB
290 KB 86ms
77ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/CP.Zeus.still.JPG?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

ef4f1c289574cf82e3c9a105eed622581dbbaf12df6e8ec47bb61aa381afc3a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: MISS
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/21/2020, 10:41:02 PM
content-length: 295528
cf-request-id: 0555ed729e000007424b369200000001
x-ntv-te: 838 c:0 a:0
pragma: no-cache
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 22 Sep 2020 05:38:41 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 5d69b1ca9dac0742-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 HP_EliteBook_840G7.JPG
www.eweek.com/imagesvr_ez/b2bezp/2020/09/ 49 KB
50 KB 89ms
79ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2020/09/HP_EliteBook_840G7.JPG?alias=carousel_regular

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

800c86bf71a2e4f20c520588419f277abd4d0e4c04c1661ea358956954c56546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: MISS
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/21/2020, 2:01:39 PM
content-length: 50369
cf-request-id: 055411f09900001f35082be200000001
x-ntv-te: 1031 c:0 a:0
pragma: no-cache
served-by: imageserver-ez.quinstreet.com
last-modified: Mon, 21 Sep 2020 21:00:58 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 5d66b8fa8bb21f35-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 Blackberry-CTO-1088x725.png
www.eweek.com/imagesvr_ez/b2bezp/2019/04/ 140 KB
140 KB 90ms
81ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2019/04/Blackberry-CTO-1088x725.png?alias=list_medium

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

d429e18a60775afd101e216069441c1dd97cdb28a0bcb73fee92ebeea38f2f2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/11/2020, 8:25:40 AM
content-length: 142983
cf-request-id: 051f5ec35b000005bb9d0ab200000001
x-ntv-te: 11 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Tue, 16 Apr 2019 18:45:30 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d1267189f9a05bb-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 Steve-Grobman-mcafee-1088x725.png
www.eweek.com/imagesvr_ez/b2bezp/2019/04/ 125 KB
126 KB 92ms
83ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/imagesvr_ez/b2bezp/2019/04/Steve-Grobman-mcafee-1088x725.png?alias=list_medium

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare / Mugo

Resource Hash

73575a61aac2526dde9164663374aaf9c3e6b036803ed35df5bed50ff8aae2e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
cf-cache-status: HIT
x-powered-by: Mugo
status: 200
x-ntv-worker-version: 1.1.1w 9/11/2020, 8:25:40 AM
content-length: 128444
cf-request-id: 051f5ec35f0000c2ea922fe200000001
x-ntv-te: 12 c:0 a:0
pragma: Public
served-by: imageserver-ez.quinstreet.com
last-modified: Mon, 01 Apr 2019 22:02:50 GMT
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=0
accept-ranges: bytes
cf-ray: 5d12671898ecc2ea-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 footer_logo.png
www.eweek.com/bundles/eweekbase/images/ 4 KB
4 KB 94ms
85ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/footer_logo.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ca6a5d2591905b6baf5a6b023375e4624b6bb303968fe1795954aeb17068a67c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d607e19d9b905b7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:52:52 PM
content-length: 4107
cf-request-id: 05502d242a000005b748a19200000001
x-ntv-te: 9 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 79573145
cache-control: public, max-age=402005
accept-ranges: bytes
content-type: image/png
expires: Sun, 27 Sep 2020 14:24:27 GMT

GET
H2 200 esecurityplanet_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 3 KB
3 KB 95ms
86ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/esecurityplanet_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

6135092bdc3632a769ce90dda6ba2e96865dc27f0705f22b533aebd8495bb954

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d5628137904e007-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 1
content-length: 2867
cf-request-id: 0549b7602d0000e00709354200000001
x-ntv-te: 621 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 78553755 76900139
cache-control: public, max-age=338584
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:47:26 GMT

GET
H2 200 itbe_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 1 KB
2 KB 95ms
86ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/itbe_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

d0109a226b4def4583eb68fbbac17e52bf881218cd9b0ef70415fe76739ecb4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d5628137b2b2484-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 7
content-length: 1437
cf-request-id: 0549b7602f00002484b91d7200000001
x-ntv-te: 630 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392936228 386089962
cache-control: public, max-age=338550
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:46:52 GMT

GET
H2 200 developer_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 4 KB
4 KB 95ms
86ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/developer_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

9f31a3904b1a7dd795a179176a46d020e3f64cc6c11c006621dbdda761af4b21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d5628137dc21f35-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 2
content-length: 3863
cf-request-id: 0549b7602e00001f3514ad0200000001
x-ntv-te: 628 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392030621 389746714
cache-control: public, max-age=338566
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:47:08 GMT

GET
H2 200 esf_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 6 KB
7 KB 95ms
87ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/esf_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

108462062f01ca062c79b342b445d6e9564ced0dbd7d5b7705521899c29c492e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d5628137d5b0629-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 7
content-length: 6578
cf-request-id: 0549b7602f000006296e21e200000001
x-ntv-te: 624 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392936229 384399637
cache-control: public, max-age=338524
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:46:26 GMT

GET
H2 200 serverwatch_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 2 KB
3 KB 96ms
87ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/serverwatch_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

c35b9563381534d1fc6e7a8fd8b11f5e55de5c0de1cbeb3c6a49113beac97b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d6097faeaf3dfbb-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 8:10:32 PM
x-cache-hits: 9
content-length: 2175
cf-request-id: 05503d50d20000dfbb56076200000001
x-ntv-te: 619 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 391346507 386471857
cache-control: public, max-age=447944
accept-ranges: bytes
content-type: image/png
expires: Mon, 28 Sep 2020 03:10:06 GMT

GET
H2 200 datamation_light.png
www.eweek.com/bundles/eweekbase/images/logos/ 2 KB
3 KB 96ms
87ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/logos/datamation_light.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

28e654205749c77ca7c0892a49a8a74e9d0c58629c2184285d140341e1247944

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d6092c22b5bdfbb-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 8:06:58 PM
x-cache-hits: 9
content-length: 2187
cf-request-id: 05503a0d5d0000dfbb5614d200000001
x-ntv-te: 638 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392423037 384527465
cache-control: public, max-age=447781
accept-ranges: bytes
content-type: image/png
expires: Mon, 28 Sep 2020 03:07:23 GMT

GET
H2 200 social_rss_footer.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 96ms
88ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_rss_footer.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

1ecc528c7da2e95c3e5c1b0404fd4c43c5197c65db42e943a12319161cba038d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d5628138b3c64b5-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
content-length: 1335
cf-request-id: 0549b76039000064b5cf278200000001
x-ntv-te: 652 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 77067571
cache-control: public, max-age=338541
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 26 Sep 2020 20:46:43 GMT

GET
H2 200 social_twitter_footer.png
www.eweek.com/bundles/eweekbase/images/ 2 KB
3 KB 96ms
88ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

77c82b7624c53390b639f3d653ee9e132ba223e8b1c2a1600c91c2f7d0ee7e99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d607e19ecaadfb7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:52:52 PM
x-cache-hits: 4
content-length: 2163
cf-request-id: 05502d242f0000dfb77e302200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 394575079 389356142
cache-control: public, max-age=402070
accept-ranges: bytes
content-type: image/png
expires: Sun, 27 Sep 2020 14:25:32 GMT

GET
H2 200 social_facebook_footer.png
www.eweek.com/bundles/eweekbase/images/ 957 B
1 KB 99ms
91ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_facebook_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

7e9190d607f09f91f8fa02bbece2164eecc173cc915b7beb326b924831c17229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d6092c23c7fdfd3-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 8:06:58 PM
x-cache-hits: 6
content-length: 957
cf-request-id: 05503a0d5f0000dfd3eb115200000001
x-ntv-te: 617 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 393436461 387389310
cache-control: public, max-age=447791
accept-ranges: bytes
content-type: image/png
expires: Mon, 28 Sep 2020 03:07:33 GMT

GET
H2 200 social_linkedin_footer.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 99ms
92ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_linkedin_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

659877c31966dec662ceccd15e1c68c4aff8e07bc6936f53081656c7a11725da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d5628139c512bce-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 7
content-length: 1133
cf-request-id: 0549b7603a00002bce8c983200000001
x-ntv-te: 624 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 393742091 387280545
cache-control: public, max-age=338544
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:46:46 GMT

GET
H2 200 social_youtube_footer.png
www.eweek.com/bundles/eweekbase/images/ 2 KB
3 KB 100ms
92ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_youtube_footer.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

126a147b90e2460eee5b0e207e80456557bc7fd884daa131c5627776e69b9af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d5628138a62c2a9-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 1:46:31 PM
x-cache-hits: 1
content-length: 2448
cf-request-id: 0549b760380000c2a93e840200000001
x-ntv-te: 623 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 78553756 77233523
cache-control: public, max-age=338524
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 20:46:26 GMT

GET
H2 200 6694951.js Show response
www.eweek.com/cms/js/ 258 KB
76 KB 69ms
57ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/6694951.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8f7538d138e8880adf91b22309de2542c8779d3a77db830606b56c7f1a7b9591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d6f8cd8ddf5d6b9-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
content-length: 77100
cf-request-id: 0559965b850000d6b9c19d3200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 336199714
cache-control: public, max-age=1
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H2 200 7197bf6.js Show response
www.eweek.com/cms/js/ 96 KB
20 KB 82ms
70ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/7197bf6.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

eede7b7303beabc2bd639da847d964f1d76fe29427796e5546f9a8d4208e6e8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d6f8c14c905d6e5-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:43:51 PM
x-cache-hits: 4
content-length: 20477
cf-request-id: 055995e1000000d6e5ab373200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 387563570 387404437
cache-control: public, max-age=11
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:33 GMT

GET
H2 200 dbc7889.js Show response
www.eweek.com/cms/js/ 15 KB
5 KB 82ms
71ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/dbc7889.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8a7d82ee537b87a9fc39b72d463e6e886db3365aeca83b7cea136e6887869707

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d6f8c8e1ea60629-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:10 PM
content-length: 4634
cf-request-id: 0559962cd1000006297fadf200000001
x-ntv-te: 5 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 8226091
cache-control: public, max-age=6
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:28 GMT

GET
H/1.1 200
OK atc.min.js Show response
addevent.com/libs/atc/1.6.1/ 31 KB
8 KB 253ms
58ms Script
text/javascript 52.214.212.174
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://addevent.com/libs/atc/1.6.1/atc.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.214.212.174 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-214-212-174.eu-west-1.compute.amazonaws.com

Software

Apache /

Resource Hash

ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9

Security Headers

Name	Value
X-Content-Security-Policy	allow 'self';
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive
Content-Length: 7798
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 13 Aug 2020 17:32:56 GMT
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, public, must-revalidate
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
X-Content-Security-Policy: allow 'self';

GET
H2 200 99a0c46.js Show response
www.eweek.com/cms/js/ 40 KB
7 KB 83ms
71ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/99a0c46.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

0045a3acad18d7644c8213b8d216105742a9de3cda88591ba6ad9830d7ff12fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d6f8cd8df340601-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
x-cache-hits: 14
content-length: 7095
cf-request-id: 0559965b82000006014cb5a200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 595820 1579382
cache-control: public, max-age=1
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H2 200 a2e6745.js Show response
www.eweek.com/cms/js/ 325 KB
83 KB 85ms
74ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/js/a2e6745.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8a94aedff5853b3c57bda813b33ac9d93234ab0ffc5baf5bcd90e3a085285454

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d6f8cd97b4d0629-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
x-cache-hits: 3
content-length: 84296
cf-request-id: 0559965bec000006297f990200000001
x-ntv-te: 6 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 75174807 72449784
cache-control: public, max-age=1
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H/1.1 200
OK library.js Show response
eweekcom.api.oneall.com/socialize/ 46 KB
12 KB 205ms
60ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/library.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: 59c6c43d90eb9974f95bb085ed07e51c62235274f1070b125213d32f062b9456

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: private
Date: Tue, 22 Sep 2020 22:44:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 06:39:25 GMT
Server: nginx
X-Forwarded-Target: xuniform.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: max-age=14400, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 12298
X-Cached: HIT
Expires: Wed, 23 Sep 2020 02:44:18 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 52 KB
18 KB 129ms
61ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

ccb11d973cc6943c9e2d3d2ae840734b9f7cb1b8e323fdcbb2a996637365b594

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "641 / 621 of 1000 / last-modified: 1600812818"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17713
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H2 200 evidon-sitenotice-tag.js Show response
c.evidon.com/sitenotice/ 57 KB
15 KB 111ms
31ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02ed3134da719e80bb8809b96915b4d588ac1f07cfa2859f3bae45214f147cfb

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
vary: Accept-Encoding
status: 200
content-length: 14825
last-modified: Thu, 10 Sep 2020 18:06:59 GMT
server: AkamaiNetStorage
etag: "58e6d8950119ef5ab87c973ae5429fc4:1599761219.110963"
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 24 Sep 2020 22:44:22 GMT

GET
H2 200 country.js Show response
c.evidon.com/geo/ 299 B
485 B 127ms
47ms Script
application/x-javascript 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/geo/country.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
last-modified: Sat, 14 Mar 2020 22:02:45 GMT
server: AkamaiNetStorage
status: 200
etag: "1503f70c7bb024bac76b917ae38a7af3:1584223365.978506"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS,POST
content-type: application/x-javascript
access-control-allow-origin
access-control-max-age: 108000
accept-ranges: bytes
access-control-allow-headers: *
content-length: 209

GET
H2 404 snthemes.js
c.evidon.com/sitenotice/704/ 0
0 231ms
216ms Script
text/plain 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/704/snthemes.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
server: AkamaiNetStorage
status: 404
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10
expires: Thu, 24 Sep 2020 22:44:22 GMT

GET
H2 404 settings.js
c.evidon.com/sitenotice/704/eweek/ 0
0 222ms
216ms Script
text/plain 104.111.252.228
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.evidon.com/sitenotice/704/eweek/settings.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 104.111.252.228 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-252-228.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
server: AkamaiNetStorage
status: 404
access-control-max-age: 108000
access-control-allow-methods: GET,OPTIONS,POST
access-control-allow-origin
cache-control: max-age=172800, private;max-age=86400
accept-ranges: bytes
access-control-allow-headers: *
content-length: 10
expires: Thu, 24 Sep 2020 22:44:22 GMT

GET
H2 200 Jd-PsEKi.js Show response
cdn.krxd.net/controltag/ 62 KB
15 KB 76ms
24ms Script
text/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/Jd-PsEKi.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a7132b8173ba40704591322814f9bb7356db7c6f87603ce915ba22702bd59423

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
age: 954
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 14453
x-served-by: config-service-a005-ash-prod.krxd.net, cache-bwi5148-BWI, cache-fra19147-FRA
x-response-time: 0
x-do-esi: esi
x-timer: S1600814663.773374,VS0,VE1
etag: "58be1544e363dad7c27ca4c56c68614aa0cb344a"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
19 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 641
date: Tue, 22 Sep 2020 22:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18650
expires: Wed, 23 Sep 2020 00:33:41 GMT

GET
H2 200 webtrends.min.js Show response
www.eweek.com/imageserver/common/v10/ 24 KB
9 KB 122ms
116ms Script
application/javascript 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/imageserver/common/v10/webtrends.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

7c45f3e74663832088facc6c859531361fbd44adf7f6cefc20e5196859db758d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d6f8cd99b7f0629-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:22 PM
x-cache-hits: 5
content-length: 8609
cf-request-id: 0559965c03000006297f992200000001
x-ntv-te: 4 c:0 a:0
pragma: Public
x-ttl: 86400.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 377368969 365248301
cache-control: public, max-age=58
content-type: application/javascript
expires: Tue, 22 Sep 2020 22:45:20 GMT

GET
H2 200 social_rss_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 98ms
92ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_rss_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

07699c8e69a547fc8a508829645a838351cb2d5112d44d4a4c0bf871bfcda515

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d4e70af4e9e178a-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/18/2020, 3:17:58 PM
x-cache-hits: 2
content-length: 1498
cf-request-id: 0544e4c1910000178ae4b14200000001
x-ntv-te: 7 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 390964060 388006284
cache-control: public, max-age=218275
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 25 Sep 2020 11:22:17 GMT

GET
H2 200 social_twitter_header.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
2 KB 98ms
93ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_twitter_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

774f49ed7464c8fbc90f12764f881cfbf6f08d3429f06d9d883d69684711be18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d607e1b2dc4dfb7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:52:52 PM
x-cache-hits: 2
content-length: 1741
cf-request-id: 05502d24f50000dfb77e308200000001
x-ntv-te: 617 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 80106606 79912503
cache-control: public, max-age=446949
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 28 Sep 2020 02:53:31 GMT

GET
H2 200 social_facebook_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 98ms
93ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_facebook_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

fe2705203130628a9261d211b97911d2431500a8486e4f461da2403366db31b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d607e1b2b8405b7-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:52:52 PM
x-cache-hits: 5
content-length: 1410
cf-request-id: 05502d24f6000005b748a1e200000001
x-ntv-te: 617 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 396039093 390276220
cache-control: public, max-age=446924
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 28 Sep 2020 02:53:06 GMT

GET
H2 200 social_in_header.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 98ms
93ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_in_header.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

2f5612464becb086f617f071035c72675b665fbd6aa6e747d99ddb42fe08102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d4e70af5b7e0605-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/18/2020, 3:17:58 PM
x-cache-hits: 1
content-length: 1406
cf-request-id: 0544e4c193000006057d394200000001
x-ntv-te: 5 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 74146137 75772704
cache-control: public, max-age=218170
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 25 Sep 2020 11:20:32 GMT

GET
H2 200 social_youtube_header.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 99ms
93ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/social_youtube_header.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

f8ac77d0c47d6b70130e96f0d6e87969ad5f2c5aea4f15fa0ea647fc7ed9813a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d60a03d48722c0d-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 8:16:10 PM
x-cache-hits: 1
content-length: 1133
cf-request-id: 0550427a4c00002c0d009e2200000001
x-ntv-te: 5 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 81176489 70053586
cache-control: public, max-age=448208
accept-ranges: bytes
content-type: image/png
expires: Mon, 28 Sep 2020 03:14:30 GMT

GET
H2 200 search_icon.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 99ms
94ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/search_icon.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

9f3ec013f50507b977e6a1529d85d410e7f116e2a514f63851c5a1ed43bdbc3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d4e70af6e3516e6-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/18/2020, 3:17:59 PM
content-length: 1336
cf-request-id: 0544e4c19e000016e6d5053200000001
x-ntv-te: 623 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 391529230
cache-control: public, max-age=257598
accept-ranges: bytes
content-type: image/png
expires: Fri, 25 Sep 2020 22:17:40 GMT

GET
H2 200 OpenSans-Regular.ttf
www.eweek.com/cms/fonts/open-sans/ 212 KB
114 KB 40ms
36ms Font
application/x-font-ttf 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/open-sans/OpenSans-Regular.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

6d7127456a361c6ab8741b2b18d43f35fc0c19adad10b89f4be31fdb7d18f8eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d12671a8b61d6e5-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/11/2020, 8:25:40 AM
date: Tue, 22 Sep 2020 22:44:22 GMT
content-length: 116487
cf-request-id: 051f5ec4930000d6e566336200000001
x-ntv-te: 10 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:22:04 GMT
server: cloudflare
etag: "35110-5ada2d34c461b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 21987468
cache-control: public, max-age=343190
content-type: application/x-font-ttf
expires: Sat, 26 Sep 2020 22:04:12 GMT

GET
H3-Q050 200 googlelogo_lightgrey_46x16dp.png
www.google.com/cse/static/images/1x/ 551 B
906 B 32ms
8ms Image
image/png 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/googlelogo_lightgrey_46x16dp.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 09:06:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 135479
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 551
x-xss-protection: 0
expires: Tue, 21 Sep 2021 09:06:23 GMT

GET
H2 200 facebook.png
www.eweek.com/bundles/eweekbase/images/ 264 B
698 B 37ms
30ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/facebook.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

e3e3b381f9da22cbdb016fd658f887133fdc4ee68f84b2fb3ec71bb0454067ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d56992fca1cbeba-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 3:03:44 PM
x-cache-hits: 7
content-length: 264
cf-request-id: 0549fe11e10000beba179d7200000001
x-ntv-te: 618 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 392970046 383771711
cache-control: public, max-age=343135
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 22:03:17 GMT

GET
H2 200 tw.png
www.eweek.com/bundles/eweekbase/images/ 546 B
980 B 38ms
30ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/tw.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

d5a08348c1e08dbd9917320b04e278317938e10c9a3f92ee33b89adee147a425

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d56992fdf54d709-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 3:03:44 PM
x-cache-hits: 4
content-length: 546
cf-request-id: 0549fe11e30000d7090f2cf200000001
x-ntv-te: 640 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 78104044 77570846
cache-control: public, max-age=343172
accept-ranges: bytes
content-type: image/png
expires: Sat, 26 Sep 2020 22:03:54 GMT

GET
H2 200 linkedin.png
www.eweek.com/bundles/eweekbase/images/ 360 B
794 B 47ms
32ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/linkedin.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

8ea510facb5e675b142cd3d087a6f74194db466ed4030f0d4209c58c3d902182

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
cf-ray: 5d6087f8d8dc97cc-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:59:37 PM
x-cache-hits: 11
content-length: 360
cf-request-id: 0550334f87000097cc07086200000001
x-ntv-te: 629 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 395171045 383558363
cache-control: public, max-age=447282
accept-ranges: bytes
content-type: image/png
expires: Mon, 28 Sep 2020 02:59:04 GMT

GET
H2 200 button_play_video_thumbnails.png
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 51ms
35ms Image
image/png 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/button_play_video_thumbnails.png

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

31f991334889e4bbcf622f2b94d5f6944e0b53fbcaa81c527b7d8a5043cefc39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d53f960bf60dff3-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 7:25:06 AM
x-cache-hits: 9
content-length: 1445
cf-request-id: 05485a30770000dff3e19cc200000001
x-ntv-te: 8 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 390964061 382774056
cache-control: public, max-age=218139
accept-ranges: bytes
content-type: image/png
expires: Fri, 25 Sep 2020 11:20:01 GMT

GET
H2 200 Lato-Regular.ttf
www.eweek.com/cms/fonts/lato/ 117 KB
51 KB 45ms
34ms Font
application/x-font-ttf 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/lato/Lato-Regular.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d569922dbe7beba-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/19/2020, 3:03:42 PM
date: Tue, 22 Sep 2020 22:44:22 GMT
content-length: 51957
cf-request-id: 0549fe09c30000beba1791e200000001
x-ntv-te: 792 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
etag: "1d584-5ada2d7504245-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 78910046
cache-control: public, max-age=343171
content-type: application/x-font-ttf
expires: Sat, 26 Sep 2020 22:03:53 GMT

GET
H2 200 glyphicons-halflings-regular.woff2
www.eweek.com/cms/fonts/ 18 KB
18 KB 46ms
35ms Font
application/octet-stream 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/glyphicons-halflings-regular.woff2

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish
cf-cache-status: MISS
status: 200
x-ntv-worker-version: 1.1.1w 9/11/2020, 8:25:42 AM
date: Tue, 22 Sep 2020 22:44:22 GMT
content-length: 18028
cf-request-id: 051f5ec6640000c2ea92325200000001
x-ntv-te: 977 c:0 a:0
pragma: no-cache
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
etag: "466c-5ada2d74fc543"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 371707960
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
accept-ranges: bytes
cf-ray: 5d12671d68bec2ea-FRA
expires: Tue, 22 Sep 2020 22:44:22 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 25ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/40B4) /
Resource Hash: a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 540
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 28881
x-tw-cdn: VZ
Last-Modified: Tue, 01 Sep 2020 20:40:54 GMT
Server: ECS (fcn/40B4)
Etag: "a58136137a93f33c1d165df7d4d973f8+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 97ms
31ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=11238
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=55359
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET trk.gif
jadserve.postrelease.com/ 0
0

POST /
www.eweek.com/post_handler/ 0
0

GET wtid.js
www.qsstats.com/dcs0hqs4610000ou3mn7tu0uc_5l6j/ 0
0

GET en.js
c.evidon.com/sitenotice/704/translations/ 0
0

GET
H3-Q050 200 pubads_impl_2020091601.js Show response
securepubads.g.doubleclick.net/gpt/ 263 KB
93 KB 101ms
68ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

sffe /

Resource Hash

3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Sep 2020 08:40:34 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94378
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:22 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
397 B 39ms
13ms XHR
text/plain 2a00:1450:4001:820::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j86&aip=1&a=1381152462&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&ul=en-us&de=UTF-8&dt=McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1216655549&gjid=209278253&cid=1952371331.1600814663&tid=UA-48216600-1&_gid=1093929754.1600814663&_r=1&_slc=1&z=1606175034

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.840d44399e357e7da3f94ce724fcd35c Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 24ms
24ms Script
application/javascript 151.101.14.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/Jd-PsEKi.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 22 Sep 2020 22:44:22 GMT
content-encoding: gzip
age: 2548776
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 1350723
content-length: 84307
x-served-by: cache-fra19147-FRA
last-modified: Mon, 24 Aug 2020 10:19:29 GMT
x-timer: S1600814663.890201,VS0,VE0
etag: "840d44399e357e7da3f94ce724fcd35c"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Thu, 22 Aug 2030 10:19:28 GMT

GET
H/1.1 200
OK queue.js Show response
eweekcom.api.oneall.com/socialize/loudvoice/ 6 KB
3 KB 70ms
69ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/loudvoice/queue.js?parent_uri=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Requested by: Host: eweekcom.api.oneall.com
URL: https://eweekcom.api.oneall.com/socialize/library.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: a97213d63d7f4864ebcd32ef9d3ebdb0d3bd2413f82172d3865b8fe4293a0169

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: public
Date: Tue, 22 Sep 2020 22:44:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 27 Jun 2019 06:39:25 GMT
Server: nginx
X-Forwarded-Target: xquebec.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: max-age=14400, public
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 2400
X-Cached: MISS
Expires: Wed, 23 Sep 2020 02:44:22 GMT

GET
H/1.1 200
OK widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html
platform.twitter.com/widgets/ Frame 4711 0
0 6ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2d7d9a6d04538bf11c7b23641e75738c.html?origin=https%3A%2F%2Fwww.eweek.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4187) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 607449
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 22 Sep 2020 22:44:22 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 01 Sep 2020 17:58:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4187)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 5825

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 35ms
16ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400i,600

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb1f2226406c6cd7aa94d38eaaefff80ba489adb940d76bd4a3c63cd8d0ad027

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Sep 2020 22:21:01 GMT
server: ESF
date: Tue, 22 Sep 2020 22:44:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Sep 2020 22:44:22 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 42ms
16ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j86&tid=UA-48216600-1&cid=1952371331.1600814663&jid=1216655549&gjid=209278253&_gid=1093929754.1600814663&_u=YEBAAEAAAAAAAC~&z=1815099217

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Sep 2020 22:44:22 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 82FE 0
0

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
273 B 17ms
17ms Image
image/gif 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48216600-1&cid=1952371331.1600814663&jid=1216655549&_u=YEBAAEAAAAAAAC~&z=360180458

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ga-audiences
www.google.de/ads/ 0
0

GET
H/1.1 200
OK 11238 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 320 B
767 B 105ms
40ms Script
application/octet-stream 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/11238?t=202082308
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 56f7c16a284fa1becd116099585108dba842f55074f664a428a7897bb642a3f2

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cjsImWWXY9qtPouKTxSOSpwWRaFQQfVd
Last-Modified: Tue, 22 Sep 2020 22:33:04 GMT
Server: AmazonS3
x-amz-request-id: 7S9H9Z9GBM4T5G3Y
ETag: "8f847dafd3e1a8044a30970f3db1fef5"
Content-Type: application/octet-stream
Date: Tue, 22 Sep 2020 22:44:23 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 320
x-amz-id-2: YFGfpywC9VLZpr0VjgRiLNtP4oGOG7HRcO8ZXzsChQ6rtRP+E+lHy3EUaGLr09GMlNGvSOTR/mc=

GET
H/1.1 200
OK /
eweekcom.api.oneall.com/socialize/loudvoice/discussion/ Frame 05AC 0
0 158ms
84ms Document
text/html 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eweekcom.api.oneall.com/socialize/loudvoice/discussion/?args=%7B%22placeholder_start_discussion%22%3A%22%40%22%2C%22placeholder_leave_comment%22%3A%22%40%22%2C%22iframeid%22%3A%22oa_loudvoice_frame_107505%22%2C%22providers%22%3A%5B%22facebook%22%2C%22google%22%2C%22linkedin%22%5D%2C%22page_title%22%3A%22McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22author_session_token%22%3A%22%22%2C%22parent_uri%22%3A%22https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22comment_depth%22%3A%5B5%2C3%5D%2C%22comment_direction%22%3A%22%22%2C%22custom_css_uri%22%3A%22%22%2C%22offset_top%22%3A0%2C%22enable_editor%22%3Afalse%2C%22render_collapsed%22%3Afalse%2C%22reference%22%3A%22%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%22%2C%22id%22%3A107505%7D&lang=en
Requested by: Host: eweekcom.api.oneall.com
URL: https://eweekcom.api.oneall.com/socialize/library.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash

Request headers

Host: eweekcom.api.oneall.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Server: nginx
Date: Tue, 22 Sep 2020 22:44:23 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 2283
Connection: keep-alive
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
X-Forwarded-Target: xromeo.oneall.com
Vary: Accept-Encoding
Content-Encoding: gzip
X-Accepted-Source: xalpha.oneall.com

GET
H2 200 e135fda1-30ea-4b03-9420-07993c74ffc0 Show response
consumer.krxd.net/consent/get/ 240 B
304 B 101ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e135fda1-30ea-4b03-9420-07993c74ffc0?idt=device&dt=kxcookie&callback=Krux.ns.quinstreet.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d8b6042c1ce49cdf56b28be5bceded68654e45f53d6ef44a5dea6c45cf97158d

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4043-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1600814663.062378,VS0,VE26
content-length: 194
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 e135fda1-30ea-4b03-9420-07993c74ffc0 Show response
consumer.krxd.net/consent/set/ 305 B
490 B 92ms
50ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/set/e135fda1-30ea-4b03-9420-07993c74ffc0?idt=device&dt=kxcookie&dc=0&al=0&tg=0&cd=0&sh=0&re=0&callback=Krux.ns.quinstreet.kxjsonp_consent_set_1
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 89803bc1d2712cb3a3fc6587c92ca0ec0dee740545221c2f8f18c4f22719e7c7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
age: 0, 0
x-served-by: consumer-a010-dub-prod.krxd.net, cache-hhn4043-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=10
x-age: 0
accept-ranges: bytes, bytes, bytes
x-timer: S1600814663.062418,VS0,VE25
content-length: 243
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 109 B
890 B 47ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=www.eweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
890 B 34ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.eweek.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
18 KB 212ms
212ms XHR
text/plain 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4278227524831465&correlator=4271818615768624&output=ldjh&impl=fifs&vrg=2020091601&npa=1&guci=2.2.0.0.2.1.0.0&sc=1&sfv=1-0-37&ecs=20200922&iu_parts=5055%2Cb2b%2Cit%2Ceweek%2Cp1-imu%2Cp2-imu%2Cp1-lb%2Cp2-lb&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7&prev_iu_szs=300x250%7C300x600%7C300x1050%2C300x250%7C300x600%2C640x480%7C728x90%7C970x90%7C970x250%7C1000x90%2C728x90&prev_scp=pos%3Dtop%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dmid%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dtop%26refreshable%3Dtrue%26adrefreshed%3Dfalse%7Cpos%3Dlow%26refreshable%3Dtrue%26adrefreshed%3Dfalse&cust_params=kw%3Dattacks%252Ccompromised%252Ccritical%252Cinfrastructure%252Ccompanies%252Chacking%252Ctools%252Cmcafee%252Cnight%252Cdragon%252Ccyberattack%252Cunsophisticated%252Cbut%252Ceffective%26tax%3Dproduct%2520security%2520antivirus%252Cproduct%2520it%2520security%2520gateway%2520and%2520network%2520security%2520web%2520security%252Cproduct%2520security%2520threats%2520and%2520vulnerability%2520hackers%252Cproduct%2520security%2520threats%2520and%2520vulnerability%26path%3Dsecurity%252Cmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%26articlekey%3D921833%26pagetype%3Darticle%26securesite%3Dtrue%26url%3Dhttp%253A%252F%252Fwww.eweek.com%252Fsecurity%252Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective%26pfm%3Ddes%26env%3Dprod%26wtdlk%3DX2p%2540RcEDS7zaYBhNJCWu1AAAAB8&cookie_enabled=1&bc=31&abxe=1&lmt=1600814663&dt=1600814663069&dlt=1600814662529&idt=495&frm=20&biw=1600&bih=1200&oid=3&adxs=1096%2C1096%2C480%2C436&adys=671%2C2171%2C105%2C3033&adks=1559789334%2C2722770246%2C2014856158%2C1591461919&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&dssz=85&icsg=844460332695356&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=299x250%7C299x250%7C1600x480%7C1600x120&msz=299x250%7C299x250%7C1600x480%7C1600x90&ga_vid=1952371331.1600814663&ga_sid=1600814663&ga_hid=1381152462&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfV0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

29e8982e47217475e318e60213fb065421a21257fa4f854eb28ef8fa6a70cc8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18088
x-xss-protection: 0
google-lineitem-id: 5457660940,5431140666,5431140666,5431140666
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138322905610,138318333574,138317943381,138317878160
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 70ms
38ms Other
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2

200

brandlift.php
www.facebook.com/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?ci=nlsnapi29032&am=4&ep=1&at=view&rt=banner&st=image&ca=moat_tsci_7GD8k&cr=crv3966877&pc=b-11238-www.nativo.com&r=1600814663098
https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&plac...

67 B
889 B

223ms
211ms

Image
image/png

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200922&imp=1&h=d42dd3447f&rnd=1600814663

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: 7XHtJ+YXC2iOqeF/CGB2oWUF8TlcZ4utwYCJOW4v39XgMNKiyo4TwUur4Io/AkAnjR6izo/kB7jEPdsKnoxkjA==
content-encoding: br
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Tue, 22 Sep 2020 22:44:23 GMT
strict-transport-security: max-age=15552000; preload
content-type: image/png
status: 200
cache-control: private, no-store, no-cache, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:23 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA6-C1
status: 302
location: https://www.facebook.com/brandlift.php?campaign_id=d77bf9edacedb0d79f90d773d830a0acf9565e776ea09241719dcf3fc2b1486d&creative_id=61266bbfdd5e014616334fc415b5ca6bb77f2c503e9ae675988eab026e684c30&placement_id=0f75615df50b11c30a37f4d32869ebe2dd60e9db3bd327b133d12813199638bb&media_type=image&segment1=DE&segment2=111&segment3=NA&osversion=OSX10_14_5&device_type=DSK&platform=DSK&advertiser_id=DSK&ver=1&creative_type=0&data_date=20200922&imp=1&h=d42dd3447f&rnd=1600814663
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: 2wi6OZS9OpX3NlMZqdASSd29hTL3iV_YgXNjNRvcXiVIosqdmb6xSw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A982 0
0 60ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstRdecxe3lN24elU5mUPBn7zGwltsUU3ydNHEKmWsWCvRMk8kOc3GYIyrPW9ReTzWEmBA-3wTTmak1adh-wsE4obFyI-DUjaC46XdOqGX962VLa8FslOLpvfnvdInBYsjqeVQUuxXvCFLYYjsdYnjKnqYqpyflINXJ3ljKjrIuBdDViAOFg1n0xxyz_fx_b1Rusc5vBY0SkYwm8w4JjmphkDqs173AsrUV94QRvhPcT44ZKMmHDfDLatUi90bIbb2NL2nkI__WIxKEmwQ&sai=AMfl-YRJzYqM9cj5DT8TdD0ocwp9c-wQxj32-2nQkgDV91NjD8owLRJJD-cO802K3EP0oOO1JtQo8BLGCbI3QpKTdkdVWO9UXhNv7vmCb6zelFgZI71z95FnNTkhh4liYXo&sig=Cg0ArKJSzC9F3_4cL7-qEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/ Frame A982 18 KB
7 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195bec532674d8102c3047fbc17b6855cbbdff745ac93f21539ec3a518cfba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7301
x-xss-protection: 0
server: cafe
etag: 3332555028450504698
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:41:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/ Frame A982 3 KB
2 KB 26ms
12ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:39:59 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame A982 75 KB
29 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630f07cf188ac38eecaa775a423df55e225f125ea75198214c56ba1fcdc9c836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A982 0
0 14ms
14ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSotzIngTNvhK8LeX8mAvTwaFpd5IrLv2QkQtGSfOREb5xS38bnBzdCvnSuC61blVia4uMU
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 162231739674393974
tpc.googlesyndication.com/simgad/ Frame A982 186 KB
186 KB 32ms
18ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/162231739674393974

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4e5c9515c0f11cde167aa8aa3da2e9993b010ceb7a6b7f701103c09cd7b6fb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 16 Sep 2020 13:42:13 GMT
x-content-type-options: nosniff
age: 550930
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190350
x-xss-protection: 0
last-modified: Tue, 08 Sep 2020 15:23:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 16 Sep 2021 13:42:13 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FC9 0
0 60ms
59ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuicVY0I2gkB50eT3zJ0qz-cmessul0EtHWkEZzb9Oeg0hxFoe_E7MlRcOkwZHVnBoO4kLMy7GJbEWuh2xCTmSct0Kly60cxHyn4s6LjcuEsZ8iX2wMQqYvaeEsfPT3sYDG3Y_Wy5CygQlWNQOk8G4thvZTskQ7f7J67B54uqLdtbxfh3-0enqvFx0Dj1YNcBh4ZqGhxLMlOb-ipuldDZz8NWbwaqdCOy_jVYqQx4I1T9oRfJi0XN5ksALKa1hnmxiXXPw0HIcKlPaXKw&sai=AMfl-YQ-xMX3O1dNJuwfPh_NDTI4hl5zPUaCmXmzMxtf8I_AKrXjpUo0jIidNdA6S0sR9YckGvbd8zpEETk2G3eUpI7MFBobuCD1i1HCnfNuA9yHZj2TLfg5fIdhVbvmKms&sig=Cg0ArKJSzMUhxUp7gES_EAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/ Frame 3FC9 18 KB
7 KB 21ms
14ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195bec532674d8102c3047fbc17b6855cbbdff745ac93f21539ec3a518cfba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7301
x-xss-protection: 0
server: cafe
etag: 3332555028450504698
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:41:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/ Frame 3FC9 3 KB
1 KB 23ms
16ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:39:59 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FC9 75 KB
28 KB 57ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630f07cf188ac38eecaa775a423df55e225f125ea75198214c56ba1fcdc9c836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 550550691122355931
tpc.googlesyndication.com/simgad/ Frame 3FC9 36 KB
36 KB 21ms
14ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/550550691122355931

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c4d3870ac21dd458fcff44099a748c1036728ccba811af4e5b29ef8f9c66d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 20:51:21 GMT
x-content-type-options: nosniff
age: 6782
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36706
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 16:30:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Sep 2021 20:51:21 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
538 B 601ms
201ms Image
image/gif 54.153.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=335*2885&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.50.250 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-50-250.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:23 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 52ms
45ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27590
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31A3 0
0 64ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkg4BX6RCtAX6l4QdRq0ES3TFR7AAy1OG4e30QJLyiSi9zhyK_EGVpyPrPQUwodvAmp5oL_hCvU9tGTo3c73qORkFmaDyN5hjJ1-14ZH9aaqOTY4zOjcbGxgaUSbbMc_1ZRiCYaZ_V52BEsvQdFo3OKHkhOdxNsZGbXJz1ZiDmKy-O07MVZeiB44Oy58vfmUJsRdiF81FxlXf-UixEQ90k1CFZxw_WrLgWLwSknA-cSG3QNHGQq_I49h7-poPOtjIgKZWXc0Yjz39M&sai=AMfl-YRAX-UR2tlumSUtPeWEphCNuCy78pgMxYwA5k9_FvP8SdpC7554rIFZcXYXNsf_IPc6dbEeKcbTnPHAG1SZ39RpZg_uczo7IiJVkgme2oMlKnB6nH7RG0yBr_RsuUY&sig=Cg0ArKJSzOjgAlqG9bJlEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/ Frame 31A3 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195bec532674d8102c3047fbc17b6855cbbdff745ac93f21539ec3a518cfba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7301
x-xss-protection: 0
server: cafe
etag: 3332555028450504698
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:41:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/ Frame 31A3 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:39:59 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31A3 75 KB
28 KB 43ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630f07cf188ac38eecaa775a423df55e225f125ea75198214c56ba1fcdc9c836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 31A3 0
0 20ms
13ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUuXdn-GVoYY07B76eEZ29vUUqfUH2NtHD5i32aVb5A_qxFs7oH_cH3IEvJ9pqHcsy6I8z
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 5819634511657638899
tpc.googlesyndication.com/simgad/ Frame 31A3 7 KB
7 KB 15ms
7ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5819634511657638899

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6db70420f618dbfefc062a252474df6bad80c5d1a98f1f7227da0252ff709172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 21:42:01 GMT
x-content-type-options: nosniff
age: 3742
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6964
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Sep 2021 21:42:01 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C218 0
0 64ms
60ms Fetch
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstStDxwehiR4joBtaLH-nes9F0tA9AR8jFcc2HhhwaS4b74by2gDFI_tBN2MSx0zPXRttxQNNCDvukT9hbOPfX2fvB5kVwCnzxfSjZTgVPrPWBgCcINxtlWTdCbvyTOOqUKiPDg8tslyjD1i8Nt3EXYxUwpjqtOaq6uhFqsztW-Y3SAwPmb9vXS7T2uehZA7MICRw3U6xCBEWnOCwnbQuibgFoxMuDBGfDl5lAQzXaneUceTF7ezBuk7h1wI_rO5yI53yQ1G1QLIDWK&sai=AMfl-YRDHkNHk2oCSDBvVf9FTiqeBtq1VSbkTDSDfcXzafLrb7EHA8YiXyhhcuFrbMMMqQpiSpDCPVbvMVGKdcdteJy8fGXUGhZ4BkgCQXGmS0txHhI1JZHttMb7hql_Qaw&sig=Cg0ArKJSzLRbigxvHYp-EAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/ Frame C218 18 KB
7 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

195bec532674d8102c3047fbc17b6855cbbdff745ac93f21539ec3a518cfba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7301
x-xss-protection: 0
server: cafe
etag: 3332555028450504698
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:41:14 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/ Frame C218 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200918/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 16:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21864
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 06 Oct 2020 16:39:59 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame C218 75 KB
28 KB 42ms
38ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630f07cf188ac38eecaa775a423df55e225f125ea75198214c56ba1fcdc9c836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600688589454019"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28900
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:23 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C218 0
0 16ms
13ms Image
text/html 2a00:1450:4001:819::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqeNvlOUY7gbhq6C4FjBE24JM3RtKDIWQM28twk6OFJTmHnynR8BcXqDn-t8r9-60eE96T
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:819::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 9821937224733526414
tpc.googlesyndication.com/simgad/ Frame C218 7 KB
7 KB 11ms
8ms Image
image/png 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9821937224733526414

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

630eb3990531002971601a95ae393ca1ed281c472bb53863630954d695ff3234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 21:25:06 GMT
x-content-type-options: nosniff
age: 4757
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
last-modified: Fri, 24 Jul 2020 15:42:32 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Sep 2021 21:25:06 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
537 B 579ms
201ms Image
image/gif 54.153.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=334*4;336*4&ntv_it
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.50.250 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-50-250.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:23 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A982 0
21 B 63ms
62ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstsjfhQnuHp0fRMxrcm9D44tH-GFo6Ui-NRtcK4kMrMHaNtu60kGZR-cCEUQhHZhQVfEzImF_DMPHvuor5cNjttqAh6QmUY_ITxWhPlIqkvsMtaNC85aw-GgXt3-S85C4b8C6YdtDHm7W2F3l8NI2I4vcilPOzXFNDwfYWZQ63TpECEu9ygo01CoQKonnQKdhMX7jFQc0hpA4DhObGoqYkbtbtb6zMYqLEGzE8pzEwyr7ytZhrF9y66ve1dBtEL5GoIdVVRVZ3uyXUuZueZ&sai=AMfl-YQDvSlRHsADrJE-HUPMx3fDI3GXTd5B-Uz3MNF8-Cs_cQ0YdeTO3jLlepw6dDwCWl6Ym1Kuwt3XzOIdO32r-sqe90Iw4UzwdZx-M3xN8ASzGTct7zXNxLMnaBxT0Cs&sig=Cg0ArKJSzEeXdhqiIesXEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A982 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8eb58ed1b11da02cd660446e09a8e1254bc6ee7c794ad5f988781942f0eac93e

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3FC9 0
21 B 61ms
61ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvQGk8yJi8t2oOvfiNX7s_m3cq5-iQfJSHeLQiyz8Hyc1c0PnR267YBkpa4NhUgwUrZ8ORYp_0QNgtD7DaQnEMewrPFanh1s75KV0SUYy0PLXFzwIqaL2pKGF1BQhQc1plQFckZpdJrleI4mOvWJsPq5UGT1ifpawCDVzdbP0qkbDIISCDnHCKg-utQPE2xfp50IekorUblV59u8QaXmjmyEQ5xh5xf6YE_ViuSXEX5y6sdmlzqCmnKnznASI-QSSXo8JATEzyG6dG48zJ5&sai=AMfl-YQnyM8JvIgossjCR8NRlDPIQ0hOMS5-vvKnEEfBy7MC7YZsz7Gft_Nt-DOPxfh8ZHbytXjtAezk56ATK6F_76F8k9qGmkr3NBXfUnjWn1_4sMlYCrOzeS8XJbF0ie4&sig=Cg0ArKJSzCoU-tJR336tEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FC9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a0442eaa10b4381d4813fdd7bec41dfad30a48640c57592a00c1541b157add

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 31A3 0
21 B 62ms
62ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst8XnBAjAVPiaXiJPA1116HyGncDzzSJunJaHysbScXqtieEVoclz29pvS4ixnIlGk9NvXaDtXyWHtMV8C7OQqrta4QJ6o5KhhcLkxGNAYs8G2TvXB_DYhHzWPsy-jY9WJXjAmIdoYq60Kc7lWFvxREaQnSHfZTkPWPCh4Nt4J8VNSfkU1mqbDeRUildNm5vksUwbBMDdeSv1tNbkHbe6Acky7-4x25JfMqHEC6ibubXxUhH9cx5GgA5sRhkxsPReIDiZ9RoSqH1mmR1jY&sai=AMfl-YT38JFJu5Gnh0aC3u5v3q9lNZanV5XQS50Jcrg_ebxEWquprmUwDXeu7XBpIsA4aAcvGNdPKQzbtwSmfDGNwUG1FrczV8KuoPNplC_zZimzHGeQiZ_wYxGx1CMxU-A&sig=Cg0ArKJSzLp9PdmIu5htEAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 31A3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1815b8f900173a80efc189b945bca8073e1d033929b505e08413a02abc49639b

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame C218 0
21 B 61ms
61ms Image
image/gif 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstaBXoIfayaSa9n30RjvLJz82EG-8cu41ouGJSEdZpXNMAfY3c1FEw66MdkGQ9CW6RVRImmtXaJDok4WmfLml2qH7QzXFhgSpADLUpNqGKhu_2TkaZbVBbqeF2gwD2P60B6_5dBN7Ux_N5FH7fGhcxY7fwVzYMB4v8sSk2LYjH34VwuXVb377HczERnGaGccz9xSsl3WS4HgMaXzP6o0FDNMBqPyUipaEcwzXGmeIKr-XAWkbTZY5qwawDNDOh-eXHpfGPWzbS_DvMY9Xs&sai=AMfl-YS_iSDnoYYCELLE-PWl0p1bpf06Vu3XTcaoB2_BtSW0OpnR728rg94argR9KgPw-Dy4LtxuBHbCvyVNto5K-PcuWYpjnSf6-IJPJ9RFepRas8rnF7GmnZFfJS0reis&sig=Cg0ArKJSzP61Cx8tAFt3EAE&adurl=

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C218 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: beb36b2bf3877f5fc4d444efe075d5f160ce18020e4f95b14b2a48bc8d0efd29

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon_email_personalization.jpg
www.eweek.com/bundles/eweekbase/images/ 2 KB
3 KB 175ms
84ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/icon_email_personalization.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

00214ae0d2c14c8e74484c9359a36fe5cf6b6d85c699df9d60283f1097a0a218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: MISS
cf-ray: 5d607e299cf4dfd3-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/20/2020, 7:52:55 PM
content-length: 2371
cf-request-id: 05502d2dfa0000dfd3eb030200000001
x-ntv-te: 628 c:0 a:0
pragma: Public
x-ttl: 604800.000
server: cloudflare
date: Tue, 22 Sep 2020 22:44:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 81175604
cache-control: public, max-age=446948
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 28 Sep 2020 02:53:32 GMT

GET
H2 200 arrow_personalization.jpg
www.eweek.com/bundles/eweekbase/images/ 1 KB
2 KB 176ms
85ms Image
image/jpeg 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.eweek.com/bundles/eweekbase/images/arrow_personalization.jpg

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

34d87b5c55c884c6d98a650dd8cccb4345ffe7a762e24c72ca6559ec1cff81b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-vcl-author: Varnish01
cf-cache-status: HIT
cf-ray: 5d4e70c3b82816e6-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/18/2020, 3:18:02 PM
x-cache-hits: 1
content-length: 1401
cf-request-id: 0544e4ce56000016e6d5175200000001
x-ntv-te: 13 c:0 a:0
pragma: Public
x-ttl: 604800.000
cf-bgj: h2pri
server: cloudflare
date: Tue, 22 Sep 2020 22:44:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-varnish: 73298331 74968930
cache-control: public, max-age=218178
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 25 Sep 2020 11:20:42 GMT

GET
H2 200 Lato-Bold.ttf
www.eweek.com/cms/fonts/lato/ 111 KB
47 KB 137ms
46ms Font
application/x-font-ttf 23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eweek.com/cms/fonts/lato/Lato-Bold.ttf

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/cms/css/d0d0c8a.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-37-42-150.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

bf4ea0b5cecc6e6abe221559004b6910dfdf0296e1ff4664edae80b8ac61ae5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Origin: https://www.eweek.com
Referer: https://www.eweek.com/cms/css/d0d0c8a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-vcl-author: Varnish
cf-cache-status: HIT
cf-ray: 5d1267368c8dd6e5-FRA
status: 200
x-ntv-worker-version: 1.1.1w 9/11/2020, 8:25:45 AM
date: Tue, 22 Sep 2020 22:44:24 GMT
content-length: 47819
cf-request-id: 051f5ed6110000d6e5660f3200000001
x-ntv-te: 31 c:0 a:0
pragma: Public
x-ttl: 120.000
last-modified: Mon, 24 Aug 2020 17:23:12 GMT
server: cloudflare
etag: "1dbbc-5ada2d7504245-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 9765553
cache-control: public, max-age=448174
content-type: application/x-font-ttf
expires: Mon, 28 Sep 2020 03:13:58 GMT

GET
H2 200 blueconic.min.js Show response
tatestdrive.blueconic.net/frontend/static/javascript/blueconic/ 126 KB
38 KB 479ms
227ms Script
text/javascript 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

82bb5b0cf35374b4d02d75f64b53cbdb43cf5f3699b46e93e8320f3d6bab67e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 8cca1378cb51b0385c7dbdceed5396ce
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=600
content-type: text/javascript; charset=utf-8
content-length: 38432
x-xss-protection: 1; mode=block
expires: Tue, 22 Sep 2020 22:54:24 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 64 B
223 B 172ms
56ms Script
text/javascript 34.253.48.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.quinstreet.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.48.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-48-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3664dafc16b041a5b91f26965ae2375e96d2a5a06af7aa8e47794c9f87bd9b1

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 22:44:24 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=32 t=1600814664
content-type: text/javascript
x-served-by: beacon-n016-dub-prod.krxd.net

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 301 B
544 B 167ms
116ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=e135fda1-30ea-4b03-9420-07993c74ffc0&technographics=1&callback=Krux.ns.quinstreet.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 095a2d2249784048febd91d6a39050db9e8ea2b707897b6c9060e50fd6b28e83

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
age: 0
x-cache: MISS, MISS
status: 200
x-age: 0
content-length: 240
x-served-by: userdata-a004-ash-prod.krxd.net, cache-hhn4034-HHN
x-timer: S1600814664.027039,VS0,VE90
vary: Accept-Encoding
content-type: text/javascript
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 41ms
22ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020091601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c465bc31de7536ca4aa8837834f3931b067dfb125db2a846808a5e9296f7af6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Sep 2020 22:44:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6554
x-xss-protection: 0

GET
H2

200

/
www.eweek.com/ntv-ce-sync/454285540/
Redirect Chain

https://jadserve.postrelease.com/ce.gif?do=gci&fpd=www.eweek.com&ntv_it
https://www.eweek.com/ntv-ce-sync/454285540/?id=8146aea9-8f12-4090-8fb5-f5ddb7dc9024&o=0&s=0&do=syn

43 B
814 B

260ms
260ms

Image
image/gif

23.37.42.150
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eweek.com/ntv-ce-sync/454285540/?id=8146aea9-8f12-4090-8fb5-f5ddb7dc9024&o=0&s=0&do=syn
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.150 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-150.deploy.static.akamaitechnologies.com
Software: cloudflare /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-request-id: 05599662220000e60c9a24b200000001
cf-cache-status: DYNAMIC
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
x-ntv-worker-version: 1.1.1w 9/22/2020, 3:44:24 PM
content-length: 43
x-ntv-te: 184 c:0 a:0
pragma: no-cache
server: cloudflare
date: Tue, 22 Sep 2020 22:44:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 5d6f8ce3688ae60c-LHR
expires: Mon, 1 Jan 1990 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
server: nginx/1.12.1
status: 302
location: https://www.eweek.com/ntv-ce-sync/454285540/?id=8146aea9-8f12-4090-8fb5-f5ddb7dc9024&o=0&s=0&do=syn
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/ 1 KB
1 KB 123ms
41ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/munchkin.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:24 GMT
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 03:11:00 GMT
Server: AkamaiNetStorage
ETag: "a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 752

GET
H2 200 a-01eo.min.js Show response
b-code.liadm.com/ 27 KB
10 KB 184ms
165ms Script
application/javascript 2a02:26f0:6c00::210:baa3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01eo.min.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baa3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 92451f37ce43d54ccaa4a6bd84cb5252142b2ae7c71fc7bec6309c54ce34e039

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
last-modified: Fri, 18 Sep 2020 11:28:13 GMT
etag: "956668ec0ee2b40b8ed4e77c44f29f90"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3551
accept-ranges: bytes
content-length: 10408

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 21ms
7ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 403bfa21e733c139da9d7d87c48fa0ebbed91514fbbadf34cbc455294a004389

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
etag: "M/QWkfLVS4vR+GrkCudkBg=="
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 29 Sep 2020 22:44:24 GMT

GET
H/1.1 200
OK 15852 Show response
marketing.technologyadvice.com/cdnr/89/acton/bn/tracker/ 5 KB
6 KB 634ms
203ms Script
application/javascript 207.189.124.19
ACTON-SOFTWARE

General

Check archive.org

Show headers Download Go to

Full URL: https://marketing.technologyadvice.com/cdnr/89/acton/bn/tracker/15852
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.189.124.19 , United States, ASN393648 (ACTON-SOFTWARE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: fb28f48ed273b14fbdc519651dda4f386de013f57781302d15b8da68970b84fe

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:24 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
Content-Length: 5319
Content-Type: application/javascript;charset=utf-8

GET
H2 200 sl.js Show response
scout-cdn.salesloft.com/ 6 KB
3 KB 101ms
27ms Script
application/javascript 23.111.9.64
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://scout-cdn.salesloft.com/sl.js
Requested by: Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.64 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
last-modified: Mon, 27 Apr 2020 18:38:20 GMT
server: NetDNA-cache/2.2
x-amz-request-id: 7534A33BD41B1260
etag: W/"f39a9ee69f7c11a788f004f2b71ace38"
x-cache: HIT
content-type: application/javascript
status: 200
x-amz-id-2: g3MvCMalPLzbFZpWMh+JNYtkjU8AewW/rquOkR7pq17v97KaWXGUIF04UnRGXf44SgzvMNKJJac=

GET
H2 200 ubd4egfx2p54.js Show response
js.driftt.com/include/1600814700000/ 137 KB
45 KB 212ms
146ms Script
application/javascript 13.224.193.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/include/1600814700000/ubd4egfx2p54.js

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.72 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-72.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

fc9c7e7528482e7e2a663a42452ca37a332b4da1b096352a3e93f151c5ea4489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
etag: "c2d3249ee9669dcb826e0e7b69e25646"
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 22 Sep 2020 19:15:34 GMT
server: nginx
date: Tue, 22 Sep 2020 22:44:24 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
cache-control: max-age=10
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: ubDMsqnE4uFiwdOmwRneQb8J2e7ldML2VPaiyEQCkmZbt1fKSHHa4w==

GET
H/1.1 200
OK utsync.ashx
ml314.com/ 43 B
517 B 207ms
48ms Image
image/gif 34.249.122.179
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50027&et=0&d=qnst041720171
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.122.179 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-122-179.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 22:44:23 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Wed, 23 Sep 2020 18:44:24 GMT

GET
H2

204

data.gif
beacon.krxd.net/
Redirect Chain

https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e
https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=

0
337 B

57ms
56ms

Image
text/plain

34.253.48.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.48.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-48-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Tue, 22 Sep 2020 22:44:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1600814664
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n005-dub-prod.krxd.net

Redirect headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
server: AAWebServer
status: 302
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://beacon.krxd.net/data.gif?_kdpid=2111c0af-fc3a-446f-ab07-63aa74fbde8e&_kua_seg=000&_kua_zip=&_kua_age=&_kua_gender=&_k_adadvisor_key=
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=17772711&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

43 B
1 KB

37ms
36ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 22:44:24 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.240:80
AN-X-Request-Uuid: 4432f022-8ebd-4402-bb12-010f80416e6f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 22 Sep 2020 22:44:24 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.137:80
AN-X-Request-Uuid: 064738c1-c24b-4991-8efc-fa3990d96d23
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D17772711%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
622 B 200ms
200ms Image
image/gif 54.153.50.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=386,387,388,389&ntv_r1=2365&ntv_r2=2365&ntv_r3=2365&ntv_r4=2365&ntv_pl=991393&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.50.250 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-50-250.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H/1.1 204
No Content boomerang
qls.qsstats.com/v1/log/ 0
346 B 839ms
284ms Other
text/plain 70.42.23.90
QNST-DC01

General

Check archive.org

Show headers Download Go to

Full URL

https://qls.qsstats.com/v1/log/boomerang

Requested by

Host: www.eweek.com
URL: https://www.eweek.com/imageserver/common/sg/1.0/sg.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

70.42.23.90 , United States, ASN25878 (QNST-DC01, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://www.eweek.com
Date: Tue, 22 Sep 2020 22:44:24 GMT
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Strict-Transport-Security: max-age=31536000
Access-Control-Allow-Methods: GET,POST,OPTIONS

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020091601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Tue, 22 Sep 2020 22:44:24 GMT

GET
H/1.1 200
OK munchkin.js Show response
munchkin.marketo.net/159/ 11 KB
6 KB 41ms
41ms Script
application/x-javascript 104.111.250.210
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://munchkin.marketo.net/159/munchkin.js
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.250.210 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-250-210.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:24 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 May 2020 02:24:14 GMT
Server: AkamaiNetStorage
ETag: "79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary: Accept-Encoding
P3P: policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control: max-age=8640000
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/x-javascript
Content-Length: 4810
Expires: Thu, 31 Dec 2020 22:44:24 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00::210:baa3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01eo.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:baa3 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
last-modified: Tue, 17 Mar 2020 09:48:23 GMT
etag: "ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-amz-meta-version: 0.2.0
content-type: application/javascript
status: 200
cache-control: max-age=2673
accept-ranges: bytes
content-length: 2374

GET
H2 200 rules-p-vPn77x7pBG57Y.js Show response
rules.quantcount.com/ 3 B
355 B 450ms
423ms Script
application/x-javascript 2600:9000:20e8:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-vPn77x7pBG57Y.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:41:35 GMT
via: 1.1 ffa01f5c992a803f4470401daea2d541.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 181
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: TXL52-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: m-0qz12ayOzhllGHNM8IK_NrVI7RPqH9suHHBRvN_Cnl9uNtm3rGgA==

GET
H2 200 r Show response
scout.salesloft.com/ 41 B
402 B 406ms
124ms XHR
application/json 54.175.222.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/r?tid=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ0IjoxMDA4ODh9.2y6MQiklIkXIB45NYasoglw7nH9ekivnGuULUUi5VF0

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.222.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-222-188.compute-1.amazonaws.com

Software

Resource Hash

e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
status: 200
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 41
x-request-id: 16e867b6ad9166344b7f87b07ada6b8e

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 58ms
58ms Image
text/plain 34.253.48.240
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=user_data_timeout&confid=Jd-PsEKi&_kpid=e135fda1-30ea-4b03-9420-07993c74ffc0&_kcp_s=eweek.com&_kcp_d=www.eweek.com&_knifr=10&_kua_kx_tz=-120&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_kx_whistle=0&_kpa_kx_context_terms=Ji3pktCL%3A3%2CJfmsB880%3A3%2CJfmsCH2V%3A1%2CJi3pklTz%3A2%2CJi3pkrMv%3A2%2CJi3p_QCe%3A1%2CJi3pkmI4%3A1%2CJi3q7GV8%3A3%2CJfmsCRi8%3A1%2CJfmsCUyh%3A6%2CJfmsBqQe%3A1%2CJi3pkUFw%3A1%2CJi3pkW0v%3A1%2CJi3p_aFW%3A1%2CJi5WHxY-%3A1%2CJfmsB-Gk%3A1%2CJi3q3KPc%3A1%2CJfmsBqkF%3A1%2CJi3pkpm1%3A7%2CJi3pkgr9%3A2%2CJi3pkU27%3A1&_kpa_keywords=attacks%2Ccompromised%2Ccritical%2Cinfrastructure%2Ccompanies%2Chacking%2Ctools%2Cmcafee%2Cnight%2Cdragon%2Ccyberattack%2Cunsophisticated%2Cbut%2Ceffective&_kpa_url_path_1=security&_kpa_url_path_2=mcafee-night-dragon-cyber-attack-unsophisticated-but-effective&_kpa_domain=eweek.com&_kpa_env=prod&t_navigation_type=0&t_dns=0&t_tcp=0&t_http_request=-1&t_http_response=5&t_content_ready=2391&t_window_load=3489&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=false&sview=1&kplt0=44827&kplt1=30001&kplt2=36127&kplt3=36767&kplt4=45155&kplt5=19515&kplt6=19516&kplt7=19517&kplt8=19519&kplt9=19524&kplt10=19533&kplt11=19536&kplt12=19541&kplt13=19542&kplt14=19548&kplt15=19550&kplt16=19551&kplt17=19554&kplt18=19555&kplt19=19556&kplt20=19557&kplt21=19558&kplt22=19559&kplt23=19560&kplt24=30025&kplt25=40211&kplt26=41744&kplt27=44425&kplt28=45271&kplt29=45272&kplt30=45273&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe135fda1-30ea-4b03-9420-07993c74ffc0%2C104%2Chttps%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fset%2Fe135fda1-30ea-4b03-9420-07993c74ffc0%2C95%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C504%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C503
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.48.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-48-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Tue, 22 Sep 2020 22:44:24 GMT
cache-control: private, no-cache, no-store
x-request-time: D=56 t=1600814664
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n017-dub-prod.krxd.net

GET
H2 200 index.html
js.driftt.com/deploy/assets/ Frame 3159 0
0 51ms
50ms Document
text/html 13.224.193.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.driftt.com/deploy/assets/index.html

Requested by

Host: js.driftt.com
URL: https://js.driftt.com/include/1600814700000/ubd4egfx2p54.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.72 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-72.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: js.driftt.com
:scheme: https
:path: /deploy/assets/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

status: 200
content-type: text/html; charset=utf-8
content-length: 894
server: nginx
last-modified: Tue, 22 Sep 2020 19:15:33 GMT
x-amz-server-side-encryption: AES256
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 22 Sep 2020 22:44:24 GMT
etag: "ed2c7560d96f4876f6fb2581d7c2168c"
cache-control: max-age=10
x-cache: Hit from cloudfront
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: VkFb6WtNCZbdjs66c0hKpLu2jwFni1EppyXV4aBngsEIE8n2fMLsQA==

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E0E0 0
0 6ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Tue, 22 Sep 2020 21:36:33 GMT
expires: Wed, 22 Sep 2021 21:36:33 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4071
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK visitWebPage Show response
949-nym-063.mktoresp.com/webevents/ 2 B
311 B 539ms
113ms XHR
text/plain 192.28.144.124
OMNITURE

General

Check archive.org

Show headers Download Go to

Full URL: https://949-nym-063.mktoresp.com/webevents/visitWebPage?_mchNc=1600814664516&_mchCn=&_mchId=949-NYM-063&_mchTk=_mch-eweek.com-1600814664515-49661&_mchHo=www.eweek.com&_mchPo=&_mchRu=%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&_mchPc=https%3A&_mchVr=159&_mchEcid=&_mchHa=&_mchRe=&_mchQp=
Requested by: Host: munchkin.marketo.net
URL: https://munchkin.marketo.net/159/munchkin.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.28.144.124 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:25 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
X-Request-Id: 8636ac6e-3442-4198-a871-51f4fc807e6d

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 15 KB
4 KB 127ms
127ms XHR
application/json 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=&bctempid=&overruleReferrer=&time=2020-09-23T00%3A44%3A24%2B02%3A00&ts=1600814664531

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

727d4e6b87cda4d9b44dbaff82384b06a2b6056e8f16bc7ab9633e74c53b2786

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 3038
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame A982 42 B
65 B 63ms
48ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxU58ijeszgwYjcymEXnlLwY1Zk9HSzD-sthczMeEWIqfuyW0tJNvKChdvNdkIvDzALXxOM6cOHHpS8g802y_1gD9gRNI9Q35bysXk2U8&sig=Cg0ArKJSzAVoZUBr_FyEEAE&adk=1559789334&tt=-1&bs=1600%2C1200&mtos=1070,1070,1070,1070,1070&tos=1070,0,0,0,0&p=320,1096,920,1396&rxlist=1&mcvt=1070&rs=0&ht=0&tfs=110&tls=1180&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=7&niot_cbk=20&md=2&btr=0&cpmav=0&lm=2&rst=1600814663324&dlt&rpt=133&isd=0&msd=0&xdi=0&ps=1600%2C3524&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-5-11-11-0-0-0&tvt=1176&is=300%2C600&iframe_loc=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x600&itpl=3&v=20200921

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 31A3 42 B
269 B 60ms
47ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsseAkPw5W14f7IPIIhBvuWVKstjQFXOIPADyfyCWx-SS8e32Ds11l-BHJ6nb9OPvXAxd__IrwRZc6Nfi2de8D8ZMhVXeaxoXl5FLjuzk8I&sig=Cg0ArKJSzCw520k8nM_FEAE&adk=2014856158&tt=-1&bs=1600%2C1200&mtos=1057,1057,1057,1057,1057&tos=1057,0,0,0,0&p=124,436,214,1164&rxlist=1&mcvt=1057&rs=0&ht=0&tfs=103&tls=1160&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=1&niot_cbk=36&md=2&btr=0&cpmav=0&lm=2&rst=1600814663346&dlt&rpt=123&isd=0&msd=0&xdi=0&ps=1600%2C3524&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-12-2-11-11-0-0-0&tvt=1159&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&r=v&id=osdim&vs=4&uc=12&upc=2&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200921

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

p
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrpd...
https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrp...

43 B
500 B

405ms
124ms

Image
image/gif

35.171.210.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&se=e30&dtstmp=1600814664587&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.171.210.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-171-210-100.compute-1.amazonaws.com

Software

nginx/1.16.1 /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:25 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
x-frame-options: DENY
vary: Origin
content-type: image/gif
status: 200
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: e844aafe7dfa4311
request-time: 1
content-length: 43
x-content-type-options: nosniff

Redirect headers

x-frame-options: DENY
date: Tue, 22 Sep 2020 22:44:24 GMT
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
server: nginx/1.16.1
status: 302
request-time: 0
location: https://rp4.liadm.com/p?tna=v1.1.10&aid=a-01eo&wpn=lc-bundle&pu=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&se=e30&dtstmp=1600814664587&i6=MmEwMTo0Zjg6MTkyOjU0MTQ6OjI%3D&n3pc=true
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
trace-id: 2bbae4cc4f05eeb9
vary: Origin
content-length: 0
x-content-type-options: nosniff

GET
H2 200 2d7f7728cf615e7d9c5a52182b49baeb Show response
tatestdrive.blueconic.net/plugin/plugin/ 37 KB
10 KB 124ms
124ms Script
text/javascript 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/plugin/plugin/2d7f7728cf615e7d9c5a52182b49baeb

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

a1ed70a156b6fb446289a7db193708b2f8328d3f521c87a29589c4ba6467b521

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 2d7f7728cf615e7d9c5a52182b49baeb
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 9179
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 22:44:24 GMT

GET
H/1.1 200
OK 15852
marketing.technologyadvice.com/acton/bn/ 43 B
514 B 192ms
191ms Image
image/gif 207.189.124.19
ACTON-SOFTWARE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marketing.technologyadvice.com/acton/bn/15852?ref=&v=2&ts=1600814664024&nc=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 207.189.124.19 , United States, ASN393648 (ACTON-SOFTWARE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 22 Sep 2020 22:44:24 GMT
X-Cnection: close
Server: Apache-Coyote/1.1
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"
Content-Length: 43
Vary: Accept-Encoding
Content-Type: image/gif

GET
H2 200 529510cf39a401e2b1e85690f9586e65 Show response
tatestdrive.blueconic.net/plugin/library/ 221 KB
70 KB 127ms
127ms Script
text/javascript 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/plugin/library/529510cf39a401e2b1e85690f9586e65

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

7bc11e666c27496a16d383628b30962882e3d258c54602d4a8ccc7e31a3a8f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: 529510cf39a401e2b1e85690f9586e65
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 71424
x-xss-protection: 1; mode=block
expires: Wed, 22 Sep 2021 22:44:24 GMT

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 1 KB
2 KB 228ms
228ms XHR
application/json 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=&bctempid=f1a238bb-e836-4359-ae0d-3637d29857c8&overruleReferrer=&time=2020-09-23T00%3A44%3A24%2B02%3A00&ts=1600814664793

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

98bd3ecf2047736fad3dda3008af37ca5707bd35c6abf0e939582958050e8c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 607
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 i Show response
scout.salesloft.com/ 48 B
509 B 124ms
123ms XHR
application/json 54.175.222.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://scout.salesloft.com/i

Requested by

Host: scout-cdn.salesloft.com
URL: https://scout-cdn.salesloft.com/sl.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.175.222.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-175-222-188.compute-1.amazonaws.com

Software

Resource Hash

1159d6f28e25deabbc180202fba95a700a3256d3b495a1fbbe61396c2f0d20ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 22 Sep 2020 22:44:24 GMT
status: 200
strict-transport-security: max-age=15724800; includeSubDomains, max-age=31536000; includeSubDomains
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
content-length: 48
x-request-id: 5771c8f260de0ee479cc05990cadba29

GET
H2 200 pixel;r=1152260769;rf=0;a=p-vPn77x7pBG57Y;url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective;fpan=1;fpa=P0-470494397-1600814664926;ns=0;ce=1...
pixel.quantserve.com/ 35 B
371 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1152260769;rf=0;a=p-vPn77x7pBG57Y;url=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective;fpan=1;fpa=P0-470494397-1600814664926;ns=0;ce=1;qjs=1;qv=4f9b77f5-20200917130726;cm=;gdpr=0;ref=;d=eweek.com;je=0;sr=1600x1200x24;enc=n;dst=1;et=1600814664926;tzo=-120;ogl=locale.en_US%2Curl.https%3A%2F%2Fwww%252Eeweek%252Ecom%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-%2Ctitle.McAfee%3A%20Night%20Dragon%20Cyber-Attack%20Unsophisticated%20but%20Effective%2Cdescription.Researchers%20say%20%22Night%20Dragon%22%20was%20effective%20at%20targeting%20critical%20infrastructur%2Cimage.https%3A%2F%2Fwww%252Eeweek%252Ecom%2Fbundles%2Feweekbase%2Fimages%2Flogo_eweek%252Ejpg%2Cimage%3Awidth.157px%2Cimage%3Aheight.42px%2Ctype.article%2Csite_name.eWEEK%2Cupdated_time.2020-09-22%2010%3A06%3A22

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
24 B 39ms
39ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020091601&jk=4278227524831465&bg=!zM-lz9dYyfJotVRDs2sCAAABQFIAAAAMCgCcwZRK4fQ5n1veJsvMhcAjLSS7MxtcLi47ipdC0bDjIur5gBuljmsb5-fl5n_eV4aYV4ZRyHr1kVZhDzKLQg58wXsbg4McyNSXzwc_we7KSEtuw5IZWsC0SWzbOq0D0cfKoB7yZ-B8r2erO_l9KIen78bm82sJBO62XGyGPJ8OIpXpF5I7hrUoQ8h9g_XtsUb8ZULgSkLcvxQNS7LQmQGmPJyJBitBytoGNYhId8Z4BfoRnOy2-fC3z4p_7X5_X3vuAwhf621j0p-2A0nq70m07t5CPWrbpPgzPiWAQ5_y8WrHmni1TM4slFScREA9b9s8comgx73J4iq9u0mzwU3qYr_TM4aG6L7lfxzLawDDaxPkxnKzzoqjOri0YiTyDP0AOlKI_PlTrSuZLPVvHAbOgAv9df1-Fw8vNoiMtYSkpv4EZGN2T_sa6BHRHs3HfPaUEPBHVzUeNoF_3-eXZDfOIW-HYSZlRIIDh6gVvGY9Wx0UsgjTyxBRDc62x_IXJ9fVt-TRMOlUzlD3v8Usz0PPFba3bPgwrM0L2VjTa12kHjmHPzxuEYNBKR9s4kNL1_GwjzA1KpazjmZ_mvwsZo0oaw6rdJg7cEPY0ZnXRDX78PxtGgCGQONfj6tHpa_7jUHaAO3KGSc5wmS-KmMtfQy1Ks9xK1nGdyJnh5qk3ZbAK26mMM3bFu98Lmz_6mnBQJHRGvUwWvs5pm4Dta4v4-aMs_4t-fGO9_jWtyc95eC_pd4xWfNO3UxSBeNsHui88usN8j8LIxg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Sep 2020 22:44:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 83 B
242 B 57ms
57ms Script
text/javascript 34.253.48.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.quinstreet.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.840d44399e357e7da3f94ce724fcd35c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.253.48.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-253-48-240.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 17de28334179044b70f4ba7dd7486a66afcdebe4dc560328905092389603d667

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 22 Sep 2020 22:44:25 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=47 t=1600814665
content-type: text/javascript
x-served-by: beacon-n022-dub-prod.krxd.net

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 195 B
854 B 128ms
128ms XHR
application/json 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=f1a238bb-e836-4359-ae0d-3637d29857c8&bctempid=&overruleReferrer=&time=2020-09-23T00%3A44%3A25%2B02%3A00&ts=1600814665049

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

b7d1199406a0e02ae70db41fcb57fa5b2467cabcab643e76e18e1ca10c22a6f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Sep 2020 22:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 120
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 json Show response
tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/ 98 B
839 B 124ms
124ms XHR
application/json 52.45.148.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://tatestdrive.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.eweek.com%2Fsecurity%2Fmcafee-night-dragon-cyber-attack-unsophisticated-but-effective&bcsessionid=f1a238bb-e836-4359-ae0d-3637d29857c8&bctempid=&overruleReferrer=&time=2020-09-23T00%3A44%3A25%2B02%3A00&ts=1600814665244

Requested by

Host: tatestdrive.blueconic.net
URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.45.148.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-148-44.compute-1.amazonaws.com

Software

- /

Resource Hash

fe4b9525ae2bd029558d9fcc11e3dab1cfd0783ef9f998642c67d25b99a724bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Sep 2020 22:44:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 110
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eweek.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK Cookie set a-01eo
i.liadm.com/s/c/ Frame 439C 0
0 515ms
140ms Document
text/html 54.82.222.91
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01eo?s=&cim=&ps=true&ls=true&duid=8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.82.222.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-82-222-91.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: lidid=0e05b7a1-4e86-4298-95e4-f77dbb158763
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 22 Sep 2020 22:44:25 GMT
ETag: 1.61803398874
Set-Cookie: _li_ss=MgUIBhDNDTIFCAoQzQ0yBQh6EMwNMgYIiwEQzQ0yBQgLEM0NMgUICxDNDTIFCHkQzA0; Max-Age=2592000; Expires=Thu, 22 Oct 2020 22:44:25 GMT; SameSite=None; Path=/s; Secure
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding
Content-Length: 641
Connection: keep-alive

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=382552&ntv_pl=991393

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46,302&ntv_ui=344879bb-fd7b-465f-9b06-df576c7a670f&ntv_a=7g4GAfI1GA3yAQA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgDYbmmQV7Tco8lQQKeDoR9lojTGzfqMzCeD5r6MyaDnMfWCmJyrtOfkKisFrSDfCDT4TSKvAZhRCg0CubithDG4m4oG-c3TbiUlYlEc3IAisLD7JCVSQnxPEsJz6H5P4tQ==&ord=83747585&ntv_ht=Rn5qXwA&ntv_tad=16&ntv_it

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_at=46&ntv_ui=62f7e671-a00c-4b24-9367-8a1ebb4c5905&ntv_a=LfkFAcoBFA3iAQA&ntv_fl=k4_euJ5Ww-btn4yGYn2KgDYbmmQV7Tco8lQQKeDoR9lojTGzfqMzCeD5r6MyaDnMfWCmJyrtOfkKisFrSDfCDT4TSKvAZhRCg0CubithDG4m4oG-c3TbiUlYlEc3IAisLD7JCVSQnxPEsJz6H5P4tQ==&ord=1690510424&ntv_ht=Rn5qXwA&ntv_tad=16&ntv_az=UpO2dVKTtnVSk7Z1&ntv_al=o--X76Pvl-4=&ntv_ak=BNNR5USKUeUE01Hl&ntv_it

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=62f7e671-a00c-4b24-9367-8a1ebb4c5905&ntv_fl=k4_euJ5Ww-btn4yGYn2KgDYbmmQV7Tco8lQQKeDoR9lojTGzfqMzCeD5r6MyaDnMfWCmJyrtOfkKisFrSDfCDT4TSKvAZhRCg0CubithDG4CZYdyPzAt-HJ1uixTthgJ&ntv_ht=Rn5qXwA&ntv_tpvcs=&ntv_at=323&ntv_a=AAAAAAAAAA3iAQA&ntv_jtr=6&ntv_it

Domain: jadserve.postrelease.com
URL: https://jadserve.postrelease.com/trk.gif?ntv_mat=337*2366&ntv_it

Domain: www.eweek.com
URL: https://www.eweek.com/post_handler/

Domain: www.qsstats.com
URL: https://www.qsstats.com/dcs0hqs4610000ou3mn7tu0uc_5l6j/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback

Domain: c.evidon.com
URL: https://c.evidon.com/sitenotice/704/translations/en.js

Domain: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html

Domain: www.google.de
URL: https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j86&tid=UA-48216600-1&cid=1952371331.1600814663&jid=1216655549&_u=YEBAAEAAAAAAAC~&z=360180458

Verdicts & Comments Add Verdict or Comment

231 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.krxd.net/	1970-01-19 16:59:26	Name: _kuid_ Value: NqTOdpsk
www.eweek.com/	1970-01-19 12:50:19	Name: slireg Value: https://scout.us1.salesloft.com
www.eweek.com/	1970-01-19 12:40:15	Name: BCTempID Value: f1a238bb-e836-4359-ae0d-3637d29857c8
.eweek.com/	1970-01-20 06:11:26	Name: _mkto_trk Value: id:949-NYM-063&token:_mch-eweek.com-1600814664515-49661
.eweek.com/	1970-01-19 21:25:50	Name: ntv_as_status Value: 0
.eweek.com/	1970-01-20 06:11:26	Name: __gads Value: ID=0c027afdecbb722f-22a2a072e2b8005f:T=1600814663:S=ALNI_Mbm1iUkhum3uDA7g0lo-Fi__CxaeA
.eweek.com/	1970-01-19 12:41:41	Name: _gid Value: GA1.2.1093929754.1600814663
www.eweek.com/	1970-01-20 06:11:26	Name: driftt_aid Value: 7acdc7e2-014c-4220-81c3-06c0b6daffbe
.eweek.com/	1970-01-20 06:11:26	Name: _ga Value: GA1.2.1952371331.1600814663
.eweek.com/	1970-01-20 06:11:26	Name: _lc2_fpi Value: 8b76a4d438d6--01ejvztjrpdvm9s6csbn3j0pnj
.eweek.com/	1970-01-19 21:25:50	Name: ntv_as_syn Value: 1600814664
.eweek.com/	1970-01-19 21:25:50	Name: ntv_as_adb Value: 0
www.eweek.com/	1969-12-31 23:59:59	Name: DC Value: SFDC
.eweek.com/	1969-12-31 23:59:59	Name: inject_params Value: WT.qs_dlk=X2p@RcEDS7zaYBhNJCWu1AAAAB8&
.eweek.com/security	1970-01-21 08:28:14	Name: ntv_ce_visitor Value: 90b4d6fe-82a3-4e14-804e-b49b1af271cf
.eweek.com/	1970-01-19 21:25:50	Name: ntv_ce_s2p Value: 1
.eweek.com/	1970-01-19 21:25:50	Name: ntv_as_visitor Value: 8146aea9-8f12-4090-8fb5-f5ddb7dc9024
.eweek.com/	1969-12-31 23:59:59	Name: WMUUID Value: X2p@RcEDS7zaYBhNJCWu1AAAAB8
.eweek.com/	1970-01-19 12:40:14	Name: _gat Value: 1
.eweek.com/	1970-01-19 21:25:50	Name: ntv_as_ver Value: 1
.www.eweek.com/	1970-01-19 13:23:26	Name: __cfduid Value: da304ab1d00b1eac6bc5fe187016e86091600814660

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 91) Message: QS: DFP GPT Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 94) Message: QS: DFP Tag Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 98) Message: QS: Evidon Code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 168) Message: QS: Krux Interchange Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 170) Message: QS: Krux Control Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 172) Message: QS: Krux Data Layer
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 174) Message: QS: Krux Consent Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 178) Message: QS: ML Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 182) Message: QS: GA Tag
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 187) Message: QS: DFP Visibility code
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 319) Message: QS: Checking for consent data
console-api	error	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 174) Message: SF DMP: [object Object]
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 319) Message: QS: Checking for consent data
console-api	debug	URL: https://munchkin.marketo.net/159/munchkin.js(Line 22) Message: Munchkin.init("%s") options: 949-NYM-063 [object Object]
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 319) Message: QS: Checking for consent data
console-api	log	URL: https://tatestdrive.blueconic.net/frontend/static/javascript/blueconic/blueconic.min.js(Line 132) Message: [BC]Item will not be scraped due to missing publication date
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 319) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 319) Message: QS: Checking for consent data
console-api	log	URL: https://www.eweek.com/security/mcafee-night-dragon-cyber-attack-unsophisticated-but-effective(Line 366) Message: QS: Consent data is not ready - moving on

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

901e86046eff7c57bae7503e9f2d8d57.safeframe.googlesyndication.com
949-nym-063.mktoresp.com
aa.agkn.com
addevent.com
adservice.google.ch
adservice.google.com
b-code.liadm.com
beacon.krxd.net
c.evidon.com
cdn.krxd.net
consumer.krxd.net
cse.google.com
eweekcom.api.oneall.com
fonts.googleapis.com
i.liadm.com
jadserve.postrelease.com
js.driftt.com
marketing.technologyadvice.com
ml314.com
munchkin.marketo.net
ntvaim-a.akamaized.net
ntvcld-a.akamaihd.net
pagead2.googlesyndication.com
pixel.quantserve.com
platform.twitter.com
qls.qsstats.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s-jsonp.moatads.com
s.ntv.io
scout-cdn.salesloft.com
scout.salesloft.com
secure-gl.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tatestdrive.blueconic.net
tpc.googlesyndication.com
www.eweek.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.qsstats.com
z.moatads.com
c.evidon.com
cdn.krxd.net
jadserve.postrelease.com
www.eweek.com
www.google.de
www.qsstats.com
104.111.250.210
104.111.252.228
13.224.193.72
136.243.63.184
151.101.114.133
151.101.14.133
172.217.23.162
18.133.35.94
185.33.220.240
192.28.144.124
2.16.177.49
2.16.177.56
2.18.234.163
2.18.235.40
207.189.124.19
23.111.9.64
23.37.42.150
2600:1f18:730:b110:b216:4622:d058:b1a9
2600:9000:2057:4400:1e:a43d:b640:93a1
2600:9000:20e8:d800:6:44e3:f8c0:93a1
2606:2800:234:59:254c:406:2366:268c
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:802::2001
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:817::2001
2a00:1450:4001:819::2004
2a00:1450:4001:81f::200e
2a00:1450:4001:820::200e
2a00:1450:400c:c07::9a
2a02:26f0:6c00::210:baa3
2a03:2880:f11c:8183:face:b00c:0:25de
34.249.122.179
34.253.48.240
35.171.210.100
52.214.212.174
52.45.148.44
54.153.50.250
54.175.222.188
54.82.222.91
70.42.23.90
00214ae0d2c14c8e74484c9359a36fe5cf6b6d85c699df9d60283f1097a0a218
0045a3acad18d7644c8213b8d216105742a9de3cda88591ba6ad9830d7ff12fe
02ed3134da719e80bb8809b96915b4d588ac1f07cfa2859f3bae45214f147cfb
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06aabc2e68363052a34bb066da80dbd7b971e3da6cb54306eff4033a7fba9c72
07699c8e69a547fc8a508829645a838351cb2d5112d44d4a4c0bf871bfcda515
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
095a2d2249784048febd91d6a39050db9e8ea2b707897b6c9060e50fd6b28e83
105b81f0193bd01aa1c9bda24a58047bb59fa1b0f62a154d097744a6deb527f5
108462062f01ca062c79b342b445d6e9564ced0dbd7d5b7705521899c29c492e
1159d6f28e25deabbc180202fba95a700a3256d3b495a1fbbe61396c2f0d20ae
126a147b90e2460eee5b0e207e80456557bc7fd884daa131c5627776e69b9af1
16e652e5898c4aec8274a83c933c9b3c8bfc5c469ddd5b7aa84336fb57e2e4ea
17de28334179044b70f4ba7dd7486a66afcdebe4dc560328905092389603d667
1815b8f900173a80efc189b945bca8073e1d033929b505e08413a02abc49639b
195bec532674d8102c3047fbc17b6855cbbdff745ac93f21539ec3a518cfba73
1ecc528c7da2e95c3e5c1b0404fd4c43c5197c65db42e943a12319161cba038d
211906850940241b34bbeffcf43af5f8b1b0d176c09a2e7f67f2ce3194680bcf
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
28e654205749c77ca7c0892a49a8a74e9d0c58629c2184285d140341e1247944
29e8982e47217475e318e60213fb065421a21257fa4f854eb28ef8fa6a70cc8f
2e93ce556067b7b36614268b2800f434ec9bf82b67bd11fc4c7153816e2e205d
2f5612464becb086f617f071035c72675b665fbd6aa6e747d99ddb42fe08102d
31f991334889e4bbcf622f2b94d5f6944e0b53fbcaa81c527b7d8a5043cefc39
34d87b5c55c884c6d98a650dd8cccb4345ffe7a762e24c72ca6559ec1cff81b3
357aa475a6a8f7ceffec431a71a1f786def9cdbde965856ed45f33dbe26fd1df
3be81ab15cc2905d3ef54418cd0fa664e85d19c4a5550e28b071a39bd1316070
403bfa21e733c139da9d7d87c48fa0ebbed91514fbbadf34cbc455294a004389
4077cb19b67aedd5a226e7ea3be91669631a13660397e81dc5e4834b3ac440a3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
56f7c16a284fa1becd116099585108dba842f55074f664a428a7897bb642a3f2
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
59c6c43d90eb9974f95bb085ed07e51c62235274f1070b125213d32f062b9456
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
60863e86aa7743d1ac841da7f473a05cd57fba81d661cef658e385437f80d5ef
6135092bdc3632a769ce90dda6ba2e96865dc27f0705f22b533aebd8495bb954
630eb3990531002971601a95ae393ca1ed281c472bb53863630954d695ff3234
630f07cf188ac38eecaa775a423df55e225f125ea75198214c56ba1fcdc9c836
659877c31966dec662ceccd15e1c68c4aff8e07bc6936f53081656c7a11725da
6d7127456a361c6ab8741b2b18d43f35fc0c19adad10b89f4be31fdb7d18f8eb
6db70420f618dbfefc062a252474df6bad80c5d1a98f1f7227da0252ff709172
6fa9fdd6f8641bfe232255949322b59f913230c64aedb9415f3738d5c992287f
727d4e6b87cda4d9b44dbaff82384b06a2b6056e8f16bc7ab9633e74c53b2786
73575a61aac2526dde9164663374aaf9c3e6b036803ed35df5bed50ff8aae2e0
774f49ed7464c8fbc90f12764f881cfbf6f08d3429f06d9d883d69684711be18
77c82b7624c53390b639f3d653ee9e132ba223e8b1c2a1600c91c2f7d0ee7e99
7ae714b63c2c8b940bdd211a0cc678f01168a34eea8aa13c0df25364f29238a7
7bc11e666c27496a16d383628b30962882e3d258c54602d4a8ccc7e31a3a8f4a
7c45f3e74663832088facc6c859531361fbd44adf7f6cefc20e5196859db758d
7c465bc31de7536ca4aa8837834f3931b067dfb125db2a846808a5e9296f7af6
7d4f2837d902141b4eeb9d40f042ae23d33d5d007f29fd85a2cee1c5cc79247d
7e9190d607f09f91f8fa02bbece2164eecc173cc915b7beb326b924831c17229
800c86bf71a2e4f20c520588419f277abd4d0e4c04c1661ea358956954c56546
82bb5b0cf35374b4d02d75f64b53cbdb43cf5f3699b46e93e8320f3d6bab67e1
83758d2cb76db5959d56d92fc255a576142e71bd3e58860c101586a631ad7444
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
89803bc1d2712cb3a3fc6587c92ca0ec0dee740545221c2f8f18c4f22719e7c7
8a7d82ee537b87a9fc39b72d463e6e886db3365aeca83b7cea136e6887869707
8a94aedff5853b3c57bda813b33ac9d93234ab0ffc5baf5bcd90e3a085285454
8ea510facb5e675b142cd3d087a6f74194db466ed4030f0d4209c58c3d902182
8eb58ed1b11da02cd660446e09a8e1254bc6ee7c794ad5f988781942f0eac93e
8f7538d138e8880adf91b22309de2542c8779d3a77db830606b56c7f1a7b9591
92451f37ce43d54ccaa4a6bd84cb5252142b2ae7c71fc7bec6309c54ce34e039
98bd3ecf2047736fad3dda3008af37ca5707bd35c6abf0e939582958050e8c13
9c4d3870ac21dd458fcff44099a748c1036728ccba811af4e5b29ef8f9c66d0d
9f31a3904b1a7dd795a179176a46d020e3f64cc6c11c006621dbdda761af4b21
9f3ec013f50507b977e6a1529d85d410e7f116e2a514f63851c5a1ed43bdbc3d
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1ed70a156b6fb446289a7db193708b2f8328d3f521c87a29589c4ba6467b521
a34de1a7fa8ea23a916005e590bf982aa4fb0f645a6fa908c4144bd7074148ee
a7132b8173ba40704591322814f9bb7356db7c6f87603ce915ba22702bd59423
a761b426004caba495cdac2c93ce7dd306c47bc4d7bdc63c4840c3d8182396a9
a959317813b70f3a91aceafa835bee05b1cf81ca27f7d2b7acbaed4a9c7a8762
a97213d63d7f4864ebcd32ef9d3ebdb0d3bd2413f82172d3865b8fe4293a0169
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ad7de7ea27997bcc80fa05b8d39603a51ad4b86ae222074e6f58728a665c061c
ad9b95dc8aec99a5335567c6f5f6df98de9a73db72d236b20363d94674ec65f8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1109f4331a2b98162695b55b54a61fb6b0d010e90ab72ecc4543c89f617fa90
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b61d7ce88dbb1335d8f4f403de85aae5b66bef71d9377978f59d2f176b8dc66f
b7d1199406a0e02ae70db41fcb57fa5b2467cabcab643e76e18e1ca10c22a6f4
ba7aa3f06edc17169cb0c6a4aad2eeab13cdad5a1cc6867a47d3cba6de6bc363
beb36b2bf3877f5fc4d444efe075d5f160ce18020e4f95b14b2a48bc8d0efd29
bf4ea0b5cecc6e6abe221559004b6910dfdf0296e1ff4664edae80b8ac61ae5c
c35b9563381534d1fc6e7a8fd8b11f5e55de5c0de1cbeb3c6a49113beac97b8c
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6a5d2591905b6baf5a6b023375e4624b6bb303968fe1795954aeb17068a67c
cb1f2226406c6cd7aa94d38eaaefff80ba489adb940d76bd4a3c63cd8d0ad027
ccb11d973cc6943c9e2d3d2ae840734b9f7cb1b8e323fdcbb2a996637365b594
cd5957cb688ef7b514e3556880a582b9e6488e4945ad601cd4af5d5484715664
ce91f5b5be9bdfa865d86c8a3ab6e14fee3513d78c6ff0dc22c0bcc743c441a9
d0109a226b4def4583eb68fbbac17e52bf881218cd9b0ef70415fe76739ecb4c
d429e18a60775afd101e216069441c1dd97cdb28a0bcb73fee92ebeea38f2f2b
d4e5c9515c0f11cde167aa8aa3da2e9993b010ceb7a6b7f701103c09cd7b6fb4
d5a08348c1e08dbd9917320b04e278317938e10c9a3f92ee33b89adee147a425
d8b6042c1ce49cdf56b28be5bceded68654e45f53d6ef44a5dea6c45cf97158d
da2a886af209510dc91dcf9567dba3c2bf1e39c7891346419f11e513823594cd
e05ae076790852a21a47535d8a06e4ebdfc3079536d9c3f9f91d9f5b29303f0e
e3664dafc16b041a5b91f26965ae2375e96d2a5a06af7aa8e47794c9f87bd9b1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e3b381f9da22cbdb016fd658f887133fdc4ee68f84b2fb3ec71bb0454067ca
e85fd001f02b918f34b4e788ed7d934e80c34d80285a00524039331240412fce
ee8c9350f2dc014c1df691ec938fef7918710173eaeee6ecdc82443d3d1bd9a3
eede7b7303beabc2bd639da847d964f1d76fe29427796e5546f9a8d4208e6e8d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4f1c289574cf82e3c9a105eed622581dbbaf12df6e8ec47bb61aa381afc3a0
f8ac77d0c47d6b70130e96f0d6e87969ad5f2c5aea4f15fa0ea647fc7ed9813a
f9a0442eaa10b4381d4813fdd7bec41dfad30a48640c57592a00c1541b157add
fb28f48ed273b14fbdc519651dda4f386de013f57781302d15b8da68970b84fe
fc9c7e7528482e7e2a663a42452ca37a332b4da1b096352a3e93f151c5ea4489
fd249edeb03976f66c2118f0f87d1922af303a0ba74165f63f1859df9ede234a
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c
fe2705203130628a9261d211b97911d2431500a8486e4f461da2403366db31b3
fe4b9525ae2bd029558d9fcc11e3dab1cfd0783ef9f998642c67d25b99a724bd

www.eweek.com Open in urlscan Pro 23.37.42.150 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

165 Requests

94 %HTTPS

37 %IPv6

34 Domains

48 Subdomains

38 IPs

6 Countries

2658 kBTransfer

5571 kBSize

21 Cookies

18 Outgoing links

Page URL History

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.eweek.com Open in urlscan Pro
23.37.42.150 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

94 %
HTTPS

37 %
IPv6

34
Domains

48
Subdomains

38
IPs

6
Countries

2658 kB
Transfer

5571 kB
Size

21
Cookies

165 HTTP transactions
4 data transactions