URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Submission: On December 16 via api from TR — Scanned from IL

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 103 HTTP transactions. The main IP is 13.32.99.111, located in United States and belongs to AMAZON-02, US. The main domain is www.infosecurity-magazine.com. The Cisco Umbrella rank of the primary domain is 484581.
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on September 4th 2024. Valid for: a year.
This is the only time www.infosecurity-magazine.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 13.32.99.111 16509 (AMAZON-02)
14 142.250.185.98 15169 (GOOGLE)
2 151.101.129.229 54113 (FASTLY)
4 184.24.77.144 20940 (AKAMAI-AS...)
9 104.18.86.42 13335 (CLOUDFLAR...)
1 184.24.77.146 20940 (AKAMAI-AS...)
5 142.250.186.40 15169 (GOOGLE)
1 104.18.32.137 13335 (CLOUDFLAR...)
1 4 172.217.23.100 15169 (GOOGLE)
3 142.250.184.206 15169 (GOOGLE)
2 184.24.77.43 20940 (AKAMAI-AS...)
2 157.240.252.13 32934 (FACEBOOK)
1 146.75.116.157 54113 (FASTLY)
2 34.117.77.79 396982 (GOOGLE-CL...)
1 142.250.185.97 15169 (GOOGLE)
2 5 13.107.42.14 8068 (MICROSOFT...)
1 142.250.184.194 15169 (GOOGLE)
1 5 142.250.184.226 15169 (GOOGLE)
1 1 172.64.146.215 13335 (CLOUDFLAR...)
2 157.240.253.35 32934 (FACEBOOK)
1 216.239.32.181 15169 (GOOGLE)
1 64.233.184.154 15169 (GOOGLE)
3 216.58.206.35 15169 (GOOGLE)
6 142.250.185.225 15169 (GOOGLE)
12 142.250.186.98 15169 (GOOGLE)
1 162.159.140.229 13335 (CLOUDFLAR...)
1 104.244.42.3 13414 (TWITTER)
1 35.175.32.137 14618 (AMAZON-AES)
1 162.247.243.39 54113 (FASTLY)
1 142.250.185.194 15169 (GOOGLE)
2 142.250.185.193 15169 (GOOGLE)
1 185.221.87.23 54113 (FASTLY)
103 32
Apex Domain
Subdomains
Transfer
20 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
td.doubleclick.net — Cisco Umbrella Rank: 182
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
224 KB
19 googlesyndication.com
cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 173
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
245 KB
11 infosecurity-magazine.com
www.infosecurity-magazine.com — Cisco Umbrella Rank: 484581
assets.infosecurity-magazine.com — Cisco Umbrella Rank: 758667
101 KB
9 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 329
215 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 333
www.linkedin.com — Cisco Umbrella Rank: 676
4 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
analytics.google.com — Cisco Umbrella Rank: 142
88 B
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
444 KB
5 typekit.net
use.typekit.net — Cisco Umbrella Rank: 460
p.typekit.net — Cisco Umbrella Rank: 571
93 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
20 KB
3 google.co.il
www.google.co.il — Cisco Umbrella Rank: 35336
626 B
3 ml314.com
ml314.com — Cisco Umbrella Rank: 1917
in.ml314.com — Cisco Umbrella Rank: 13563
13 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
22 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
215 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
77 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 831
20 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 318
40 KB
1 nr-data.net
bam.eu01.nr-data.net — Cisco Umbrella Rank: 10483
642 B
1 newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 623
19 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 991
393 B
1 t.co
t.co — Cisco Umbrella Rank: 904
630 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 96
3 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 1016
16 KB
1 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 514
307 B
103 23
Domain Requested by
14 securepubads.g.doubleclick.net www.infosecurity-magazine.com
pagead2.googlesyndication.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
9 cdn.cookielaw.org www.infosecurity-magazine.com
9 www.infosecurity-magazine.com www.infosecurity-magazine.com
6 tpc.googlesyndication.com securepubads.g.doubleclick.net
5 px.ads.linkedin.com 2 redirects www.infosecurity-magazine.com
5 www.googletagmanager.com www.infosecurity-magazine.com
www.googletagmanager.com
4 www.google.com 1 redirects www.googletagmanager.com
www.infosecurity-magazine.com
4 use.typekit.net www.infosecurity-magazine.com
use.typekit.net
3 www.google.co.il www.infosecurity-magazine.com
3 td.doubleclick.net www.infosecurity-magazine.com
3 www.google-analytics.com www.infosecurity-magazine.com
2 ep2.adtrafficquality.google www.infosecurity-magazine.com
2 googleads.g.doubleclick.net 1 redirects www.infosecurity-magazine.com
2 www.facebook.com www.infosecurity-magazine.com
2 ml314.com www.infosecurity-magazine.com
2 connect.facebook.net www.infosecurity-magazine.com
2 snap.licdn.com www.infosecurity-magazine.com
2 assets.infosecurity-magazine.com www.infosecurity-magazine.com
2 cdn.jsdelivr.net www.infosecurity-magazine.com
1 bam.eu01.nr-data.net www.infosecurity-magazine.com
1 ep1.adtrafficquality.google www.infosecurity-magazine.com
1 js-agent.newrelic.com www.infosecurity-magazine.com
1 in.ml314.com www.infosecurity-magazine.com
1 analytics.twitter.com www.infosecurity-magazine.com
1 t.co www.infosecurity-magazine.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.infosecurity-magazine.com
1 www.linkedin.com 1 redirects
1 www.googleadservices.com www.infosecurity-magazine.com
1 cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com www.infosecurity-magazine.com
1 static.ads-twitter.com www.infosecurity-magazine.com
1 geolocation.onetrust.com www.infosecurity-magazine.com
1 p.typekit.net use.typekit.net
103 34
Subject Issuer Validity Valid
*.infosecurity-magazine.com
GlobalSign RSA OV SSL CA 2018
2024-09-04 -
2025-10-06
a year crt.sh
*.g.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2024 Q3
2024-07-30 -
2025-08-31
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-12-10 -
2026-01-10
a year crt.sh
cookielaw.org
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
*.google-analytics.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
geolocation.onetrust.com
WE1
2024-12-09 -
2025-03-09
3 months crt.sh
*.google.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2024-12-02 -
2025-12-01
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-24 -
2024-12-23
3 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-06-25 -
2025-06-24
a year crt.sh
event-horizon.gcp.bomm.in
WR3
2024-12-15 -
2025-03-15
3 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2024-10-14 -
2025-04-14
6 months crt.sh
*.googleadservices.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.doubleclick.net
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.google.co.il
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
tpc.googlesyndication.com
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
t.co
E6
2024-11-26 -
2025-02-24
3 months crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-08-19 -
2025-08-18
a year crt.sh
*.ml314.com
Amazon RSA 2048 M02
2024-09-14 -
2025-10-11
a year crt.sh
js-agent.newrelic.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-03-21 -
2025-04-22
a year crt.sh
adtrafficquality.google
WR2
2024-11-04 -
2025-01-27
3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1
2024-07-12 -
2025-07-11
a year crt.sh

This page contains 12 frames:

Primary Page: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Frame ID: B2D29BAA7E211505EB3861D5612181D6
Requests: 71 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.infosecurity-magazine.com
Frame ID: 6EC9AE551C875E9AC0C88C3E1AA25BD6
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: B975EBE2784DE53960BA09DDCE8261DE
Requests: 1 HTTP requests in this frame

Frame: https://cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BAB5B395F4936E74B5C835A870A5706D
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/875375440?random=1734367770139&cv=11&fst=1734367770139&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: F75FE7520D7F6FC164D281791B1B9327
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-8VSXE5KKGM&gacid=1167938268.1734367769&gtm=45je4cc1v898772242z878347448za200zb78347448&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=791757358
Frame ID: 0B71CB04B9D6A337BF2A7106659B89B4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudAb1Jlcbro5of3TKoUeluLkHQDiB3Wj7MmcMrvE91zX13xH3kOq5UJPC3_Uhl1vhdDu_eEHMjC4_g9k64sZXphcbr9DBZtqSRv297ki0fGNuNPMfsM-o8sl38M2GmQAKte1_zrKGiK83-D9rbIU7VjmuGuBL9vEuPemSRTpbu2d8yRCTkxhc0w1OXbACCuF5k7897pyi2s7X9_2Epph_UhoRC2oBNE8QzfCx7BVDz2Wm9Za-5tcMQUizN_X1CGoSs5giZK6zTMiucxFkkO1nnusGDoWfk9xiFtRoIqMosYa-8Us2OhUoWkfqdTHvEKvGwMNjRJ_J-Nq1S8WnWiZ159VxjN_Cm_A2XmH3NJrfYbHem0YXWtbvtILqAMMgwA24XriC42SsO6adJ7Dak9T8LRzCwPyMSqPlJWAX4r-RDlRg0geQ4SLpdlQmIe4wpA4i3ibMrEaBf&sai=AMfl-YRsujtnjSe_OFNVVm4jJ0V3QNsU4JaBQzYe5zA4t8J0EHlt-RV27AdXb8S5dKHQ0wbiMZRNIvBJIUpKNpVbqWslWLEdvr6Ws0OxMjJkMoNhTE1X4qwlChlxYolAuTPQMwaFSsL4KC-zcN7ec83LOQ&sig=Cg0ArKJSzPXwLjqsokU7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 431B8CA95EAE174D21FA27B9931C1C1D
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYp66JIUeEFSTAVcoPYBsy-KjNg3-8N2eQaiA0UkEHOpZfSTW6CHl_bwXVTNnlOOQrjOY7gR1oB-xEPN9RagR6BX4tr68MTFgfYmZF6wgCc3F4u7hWLUCQ2zLk_sAqnARZPpJBt9_YUq9YpO6swAPjA9-dCSSsLfmE3cfDm_DO9xhpGHvob_ImuRQixYQRAUXEYS0rSEi1iG_vGbqdcNWsY0Sz50xFKVQtNnVLcyzlMrtJaFBI7851EnDjitK-tFSQRHHLs4JW33T7mFV1ZU6dMQsc2iGcSR8Q9KTOHAujN-PQFToFndoTCMCGmlXvponCMkg5EozkemV5RdivjCjht0nZbPD9WsGZijrYKiUxlzlVF9PjD00nLSkNtgpwoZAYhwLgZ4sTwTcM3sKs6aDp7FPBxDHpligTzbWS-cBI3Yx48u0xwTCIN74qnT7XzEmxoe3MuZRT&sai=AMfl-YRFPEavoOx0GH2HtEkXM_NklOcuDk0FrE34c8YpOQZNu1QLK224t2e7rxZaRbWsXP72eR-lHlinI0KNyyx8VTIZccwiUQF7-KEgbETuYAfO9O1584sbiXs2sK0jNvb9E6RTyAzhXMcIG5z-PDB_&sig=Cg0ArKJSzD94M_0g1vygEAE&uach_m=%5BUACH%5D&adurl=
Frame ID: 6B1B7A5CA6A4BF1E836A743D8DA49B48
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRLI3z2IUENhVkNXPGVM0vpjtdkskKcBu4Ov8nA3ihqRbzYNQzg0ISc_Z51RZbxcS_n_zp9rU1XC7l1gVHPoPoa2h1ed2IBqvqysKiwU7wm0flsxmXnGuDRHsSQKAVjtAJdcksLKZ1ZluQoRyJAfTdqGiZWEVNxsm8dc4mQ1wwfh2rt_fksL251fQp3wSLfv5hdSOZSw5JL_QSiCusZM3ZXSqEXdi0bS6y9IRjLWUQxeW2vssNh81YLJa6xs52-kdGVV6uR-p58H94_0yeCbRBw-6CGBrt6I8hWGNLdrutwCyFpqHaYqW7ERYa3EWJboFKpZodqGoE_-L9eEhd_qVOBrhGbHgFU97tOkJ5jacMS1996AjICcXzOdorj8U1XlHa3ge6zzEgcxgEaNB_2d_b5XH7-A_ytC3d5_mJ5yWoOJ7-eYoqavrFxxltVnTzgDqQkfCOz4Or&sai=AMfl-YQ8OKDAy5L0hfh4fRkmDLLWF6Gtwz6z9VckovwB3OTkGLFGydQHiV2mC_owFdyVhXKEa6miO6fQjxqteCvjyq-94mQXXrH6L9VmqnVJ4ZZBEXnTObsvIpav3lGCJEFTNOiFreqHpOwRpDtNmQfjlw&sig=Cg0ArKJSzDl1kv1hqIz7EAE&uach_m=%5BUACH%5D&adurl=
Frame ID: A58BD2DC55023729984F1D48D90D76FA
Requests: 9 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/875375440?random=1734367772059&cv=11&fst=1734367772059&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: 1FB6E72DF650D2E53B9D70F34516894D
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 06A22582FB2444753BFC298BBCB13282
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2F61B3F95E9E9332E18B98AD032CF1B5
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Fake Captcha Campaign Highlights Risks of Malvertising Networks - Infosecurity Magazine

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js

Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

103
Requests

97 %
HTTPS

0 %
IPv6

23
Domains

34
Subdomains

32
IPs

4
Countries

1554 kB
Transfer

4829 kB
Size

23
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1734367770374%26li_adsId%3D18e865bb-1fe1-4755-b9b1-3a338fa18076%26url%3Dhttps%253A%252F%252Fwww.infosecurity-magazine.com%252Fnews%252Ffake-captcha-campaign-risks%252F%26tm%3Dgtmv2%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2&cookiesTest=true&liSync=true
Request Chain 74
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&eitems=ChAIgLz_ugYQhsK70YnlyZZCEh0ADbz98zxZn4RuLNFkVdBYciXdi_8s13bGajMICA&pscrd=IhMIufmHt9-sigMVp94RCB1iFzEiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEFJZ0x6X3VnWVFoUE83NjRMV3hzMVVFaTBBU2xiZlA1anRpYV9LcHc4ZTlPdkFFTV8wSlRLaTdHRmlfN0I1VTJyMEVJVDRSaXJPbVhycGZmR2dNUjQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIufmHt9-sigMVp94RCB1iFzEiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEFJZ0x6X3VnWVFoUE83NjRMV3hzMVVFaTBBU2xiZlA1anRpYV9LcHc4ZTlPdkFFTV8wSlRLaTdHRmlfN0I1VTJyMEVJVDRSaXJPbVhycGZmR2dNUjQ&is_vtc=1&cid=CAQSKQCa7L7dfBK1SUJZ1PNyheZIbWQ05dbQEjdFAfdfQtO7lWLYjt3dfj0H&eitems=ChAIgLz_ugYQhsK70YnlyZZCEh0ADbz98-cAd4eDMyayCQun2okyIaL0cT0L3lcM5Q&random=3153316715 HTTP 302
  • https://www.google.co.il/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIufmHt9-sigMVp94RCB1iFzEiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEFJZ0x6X3VnWVFoUE83NjRMV3hzMVVFaTBBU2xiZlA1anRpYV9LcHc4ZTlPdkFFTV8wSlRLaTdHRmlfN0I1VTJyMEVJVDRSaXJPbVhycGZmR2dNUjQ&is_vtc=1&cid=CAQSKQCa7L7dfBK1SUJZ1PNyheZIbWQ05dbQEjdFAfdfQtO7lWLYjt3dfj0H&eitems=ChAIgLz_ugYQhsK70YnlyZZCEh0ADbz98-cAd4eDMyayCQun2okyIaL0cT0L3lcM5Q&random=3153316715&ipr=y

103 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
98 KB
25 KB
Document
General
Full URL
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
b9e3e437a05d1f4b147fe559b8f22278ced601f2f597664f9c8e78d9750bd20b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
*
age
268
cache-control
public, proxy-revalidate, max-age=300
content-encoding
br
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
content-type
text/html; charset=utf-8
date
Mon, 16 Dec 2024 16:44:55 GMT
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified
Mon, 16 Dec 2024 14:00:10 GMT
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
referrer-policy
same-origin
server
RX
vary
Accept-Encoding
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-amz-cf-id
0LSW1LviTTL8ArK1Wf3HuIDOssH0rYwf8YQkjL5vwjscBWX98G1nLw==
x-amz-cf-pop
FRA60-P3
x-cache
Hit from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=Edge
x-xss-protection
1; mode=block
gpt.js
securepubads.g.doubleclick.net/tag/js/
103 KB
33 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3ff6c94500c968027f92ab3d9e099c61e246eacc1cbc5bf8a2d5ec30244420c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
632 / 20073 / m202412090101 / config-hash: 16775640167977932469
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 16:49:25 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33435
x-xss-protection
0
server
cafe
jquery.min.js
cdn.jsdelivr.net/npm/jquery@3.7.0/dist/
85 KB
32 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@3.7.0/dist/jquery.min.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"155a6-Wp7qw02G6S5WYOD0+HIE8e0Mj/Y"
age
2271727
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Mon, 16 Dec 2024 16:49:25 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230072-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
32087
x-jsd-version
3.7.0
underscore-min.min.js
cdn.jsdelivr.net/npm/underscore@1.13.6/
19 KB
8 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/underscore@1.13.6/underscore-min.min.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.229 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
*
content-encoding
br
etag
W/"4d5b-1Barardb3Bq5uc0bP3wXZk8NDAQ"
age
1740419
x-content-type-options
nosniff
x-jsd-version-type
version
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache
HIT
date
Mon, 16 Dec 2024 16:49:25 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-fra-eddf8230072-FRA
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
8075
x-jsd-version
1.13.6
phq8nwg.css
use.typekit.net/
11 KB
1 KB
Stylesheet
General
Full URL
https://use.typekit.net/phq8nwg.css
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
cache-control
private, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1297
date
Mon, 16 Dec 2024 16:49:25 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
base.min.css
www.infosecurity-magazine.com/_common/css/23080201/
66 KB
10 KB
Stylesheet
General
Full URL
https://www.infosecurity-magazine.com/_common/css/23080201/base.min.css?v=23080201
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

content-encoding
br
etag
W/"9d79ff944229db1:0"
age
43282
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
MpsMj5TdU67xzQh1BbkTKkDio_dhsY8u1mRla2eHyNlPFK9pknpZIw==
date
Mon, 16 Dec 2024 04:48:02 GMT
content-type
text/css
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 14:06:28 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
article.min.css
www.infosecurity-magazine.com/_common/css/23080201/
5 KB
3 KB
Stylesheet
General
Full URL
https://www.infosecurity-magazine.com/_common/css/23080201/article.min.css?v=23080201
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

content-encoding
br
etag
W/"d2a74d954229db1:0"
age
25660
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
fLJmHuyG2WIC5YG29eVCyoevfEA4BK0QW-qfdDT3Yc1lZGEncKnY1Q==
date
Mon, 16 Dec 2024 09:41:44 GMT
content-type
text/css
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 14:06:28 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
22 KB
8 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
UzmBk0Ra4K9he+CwjGKb/g==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD1BF06242194D
x-ms-lease-status
unlocked
age
21077
cf-cache-status
HIT
x-content-type-options
nosniff
expires
Tue, 17 Dec 2024 10:58:08 GMT
date
Mon, 16 Dec 2024 16:49:25 GMT
content-type
application/javascript
last-modified
Sat, 14 Dec 2024 03:35:41 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
8f37caf0-301e-00c3-53d9-4d1ac9000000
cf-ray
8f302aa3ce9cc22e-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
7211
x-ms-blob-type
BlockBlob
server
cloudflare
ism.js
www.infosecurity-magazine.com/_common/js/23080201/
5 KB
3 KB
Script
General
Full URL
https://www.infosecurity-magazine.com/_common/js/23080201/ism.js?v=23080201
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

content-encoding
br
etag
W/"6a124d46ac6d91:0"
age
33356
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
AVwyNVTgQaMHWltlEOGDUGA-F_YNMVxe70cJqV47BQF_gXBjGUHUmA==
date
Mon, 16 Dec 2024 07:33:28 GMT
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary
Accept-Encoding
last-modified
Thu, 03 Aug 2023 12:59:01 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
ism.ads.es5.min.js
www.infosecurity-magazine.com/_common/js/23080201/ism/
6 KB
3 KB
Script
General
Full URL
https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.ads.es5.min.js?v=23080201
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

content-encoding
br
etag
W/"9afc29a04229db1:0"
age
55172
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
aOooCZvXV_C-HL2ipBV_Tskun_F2pxpVT2hAFaatofpf5gcno6L6CQ==
date
Mon, 16 Dec 2024 01:29:53 GMT
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
vary
Accept-Encoding
last-modified
Mon, 28 Oct 2024 14:06:46 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
ism.whatshot.es5.min.js
www.infosecurity-magazine.com/_common/js/23080201/ism/
851 B
2 KB
Script
General
Full URL
https://www.infosecurity-magazine.com/_common/js/23080201/ism/ism.whatshot.es5.min.js?v=23080201
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

etag
"478da9f4229db1:0"
age
28663
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
hj1Vgp2cN_68ahmt83k2KZeVqpmdc4VwWfzlQKA16uuz54Pa1j3Ilg==
date
Mon, 16 Dec 2024 08:51:42 GMT
content-type
application/javascript
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified
Mon, 28 Oct 2024 14:06:45 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
content-length
851
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
p.css
p.typekit.net/
5 B
172 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=phq8nwg&ht=tk&f=15982.15984.37450.16353.37464.37466.37515.37516.37517.37518.37519.37520.51838.51839.51840.51841&a=6157095&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.146 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-146.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=604800
etag
"674c5a44-5"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
5
date
Mon, 16 Dec 2024 16:49:26 GMT
content-type
text/css
last-modified
Sun, 01 Dec 2024 12:44:52 GMT
server
nginx
6b575081-117f-49ba-bff7-347875107505.json
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/
4 KB
2 KB
XHR
General
Full URL
https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/6b575081-117f-49ba-bff7-347875107505.json
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
452e848011addd295fb703e4160153e3d1b126765b6ec39529d4265b7370296d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
BgWvBP6Mp0YbPhlBiUL4iA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD153B1F13A9DB
age
28989
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 17 Dec 2024 16:49:26 GMT
date
Mon, 16 Dec 2024 16:49:26 GMT
content-type
application/json
last-modified
Thu, 05 Dec 2024 14:43:02 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
59f5b538-c01e-00bb-5e24-47727e000000
cf-ray
8f302aaebb00c233-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
1576
x-ms-blob-type
BlockBlob
server
cloudflare
gtm.js
www.googletagmanager.com/
337 KB
114 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e9009eec85895c3db3f7e6841717abb38fd08a99124b10d11cd04783fb8c2ead
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Mon, 16 Dec 2024 16:49:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
115929
x-xss-protection
0
server
Google Tag Manager
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/
492 KB
153 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
5395541545685299795
age
28373
x-content-type-options
nosniff
expires
Tue, 16 Dec 2025 08:56:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 08:56:33 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
156760
x-xss-protection
0
server
cafe
ppub_config
securepubads.g.doubleclick.net/pagead/
222 B
141 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.infosecurity-magazine.com
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
b6c524dc5a6a216d118fd3e08d2a6a088b1863cec94f7f7b55ee8a0f54f47d2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:26 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
116
date
Mon, 16 Dec 2024 16:49:26 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
70378f6c-782d-4024-9c09-2f3b8000d029.jpg
assets.infosecurity-magazine.com/webpage/feat/
32 KB
32 KB
Image
General
Full URL
https://assets.infosecurity-magazine.com/webpage/feat/70378f6c-782d-4024-9c09-2f3b8000d029.jpg
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
01f82cb1953795f14f9a5c758f7eb21ea6774c2e39ec8dad2ab00d152629d4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=2764800
x-content-type-options
nosniff
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
32758
x-ua-compatible
IE=Edge
date
Mon, 16 Dec 2024 16:49:27 GMT
x-xss-protection
1; mode=block
content-type
image/jpeg
x-amz-cf-pop
FRA60-P3
server
RX
x-amz-cf-id
8fhe1-22KblmANn_i10daw5-8sNqwOGNlLdSlg5cNcVODiS8ipgOKg==
x-frame-options
SAMEORIGIN
l
use.typekit.net/af/2180b4/00000000000000007735a193/30/
23 KB
23 KB
Font
General
Full URL
https://use.typekit.net/af/2180b4/00000000000000007735a193/30/l?subset_id=2&fvd=n6&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.infosecurity-magazine.com
Referer
https://use.typekit.net/phq8nwg.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"d42a9fe146eae2c4c65475dbd44806c5aed58d8b"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
23312
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/32b0e4/00000000000000007735a185/30/
44 KB
45 KB
Font
General
Full URL
https://use.typekit.net/af/32b0e4/00000000000000007735a185/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.infosecurity-magazine.com
Referer
https://use.typekit.net/phq8nwg.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"dead750a1d4bc579636464295fb9e45aa84c4884"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
45468
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
application/font-woff2
server
nginx
l
use.typekit.net/af/73dbad/00000000000000007735a197/30/
24 KB
24 KB
Font
General
Full URL
https://use.typekit.net/af/73dbad/00000000000000007735a197/30/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/phq8nwg.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://www.infosecurity-magazine.com
Referer
https://use.typekit.net/phq8nwg.css

Response headers

cache-control
public, max-age=31536000
timing-allow-origin
*
etag
"550ca47a88a465c010c13a8c017f04a91a75a9a4"
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
24168
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
application/font-woff2
server
nginx
605bfdcb-abca-4e31-9902-3a3d746228ce.png
assets.infosecurity-magazine.com/s3/infosec-media/images/profile/
2 KB
2 KB
Image
General
Full URL
https://assets.infosecurity-magazine.com/s3/infosec-media/images/profile/605bfdcb-abca-4e31-9902-3a3d746228ce.png?width=64&height=64&mode=crop&scale=both&format=webp
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
07ac84596d158248a60c2f747f609a508e6e2f1980a23f0608caee79a30291b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age
2049458
x-content-type-options
nosniff
expires
Tue, 24 Dec 2024 23:31:49 GMT
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
K2UR_10b7RsppjYKkGenq-1uVpIF-iQsgs0f9KmQqhBP-C8MNDeEkw==
date
Fri, 22 Nov 2024 23:31:49 GMT
content-type
image/webp
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
cache-control
public
x-aspnet-version
4.0.30319
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
content-length
1686
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/
69 B
307 B
XHR
General
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.32.137 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept
application/json
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
access-control-allow-methods
GET, OPTIONS
cf-ray
8f302ab76e0d7d9a-TLV
access-control-allow-origin
*
date
Mon, 16 Dec 2024 16:49:28 GMT
content-type
application/json
vary
Accept-Encoding
server
cloudflare
access-control-allow-headers
Content-Type
/
www.infosecurity-magazine.com/account-buttons/
240 B
2 KB
XHR
General
Full URL
https://www.infosecurity-magazine.com/account-buttons/?time=1734367767025
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
Vg8GV1ZVCxACUFBSAgMEV1c=
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiYmRkZDhmNzQyMjFhNjEwOSIsInRyIjoiNTQzY2Y3OWNiZTE0ODdlYmMxNzA5ZGE3NjlhNjlmMzUiLCJ0aSI6MTczNDM2Nzc2NzAyN319
traceparent
00-543cf79cbe1487ebc1709da769a69f35-bddd8f74221a6109-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
tracestate
2916063@nr=0-1-2916063-322535572-bddd8f74221a6109----1734367767027

Response headers

x-content-type-options
nosniff
access-control-allow-methods
*
expires
-1
x-cache
Miss from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
nmsxdAvgVbiLXywL0btdC_MHA6FADuQAnTaBo3aRl8Fgqq7diH4z1A==
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
application/json; charset=utf-8
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
cache-control
no-cache, no-store
pragma
no-cache
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
content-length
240
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
/
www.infosecurity-magazine.com/nav/mobile/
4 KB
2 KB
XHR
General
Full URL
https://www.infosecurity-magazine.com/nav/mobile/
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

X-NewRelic-ID
Vg8GV1ZVCxACUFBSAgMEV1c=
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjI5MTYwNjMiLCJhcCI6IjMyMjUzNTU3MiIsImlkIjoiZDczZThlZjExZTZhYTkzMSIsInRyIjoiZTlkMGNkZTc3NWU1ZmI3NjczYTNjZWE0YTFmYzBkOWIiLCJ0aSI6MTczNDM2Nzc2NzAyOH19
traceparent
00-e9d0cde775e5fb7673a3cea4a1fc0d9b-d73e8ef11e6aa931-01
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
tracestate
2916063@nr=0-1-2916063-322535572-d73e8ef11e6aa931----1734367767028

Response headers

content-encoding
br
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Miss from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
1j8pGftvblkpmPOMFWVvOJvrb1UphxBKwPrLuw_8HVeZraaMUBRMmw==
date
Mon, 16 Dec 2024 16:49:27 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
cache-control
private
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
gpt
securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/
63 KB
22 KB
Other
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/dict/m202412050101/gpt
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
4443559573512225521
age
62461
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 23:28:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 15 Dec 2024 23:28:26 GMT
content-type
text/plain; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=86400, stale-while-revalidate=7200
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
22952
x-xss-protection
0
server
cafe
use-as-dictionary
match="/gampad/ads", id="m202412050101"
collect
www.google.com/ccm/
0
0
Ping
General
Full URL
https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=1970144912.1734367768&dt=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&auid=51333159.1734367768&navt=n&npa=0&gtm=45He4cc1v78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tft=1734367768345&tfd=5207&apve=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f100.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

js
www.googletagmanager.com/gtag/
404 KB
131 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b32e08558e6bca6d798ba59ede2cc4da8e3f0e19c5c369be05884bc6d78a1305
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 16 Dec 2024 16:49:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
133732
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
age
484
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 18:41:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:41:25 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
destination
www.googletagmanager.com/gtag/
291 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-875375440&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
435b3a85baba7cc9c682018aa7d4189fa7af35466ad790b25e19de932932732b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Mon, 16 Dec 2024 16:49:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101806
x-xss-protection
0
server
Google Tag Manager
insight.min.js
snap.licdn.com/li.lms-analytics/
13 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-43.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=74277
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
5114
date
Mon, 16 Dec 2024 16:49:29 GMT
last-modified
Wed, 11 Dec 2024 08:31:33 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-UtaYcSTO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 16:49:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-UtaYcSTO' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
MODERATE; q=0.3, rtt=160, rtx=0, c=26, mss=1232, tbw=8438, tp=17, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
2slMBcOGiEaM9QzxazL5k+o1+oGyMk/TUWer33HEMAB9o36W30/eOWtVXqqr+mVU3p+o06gSZ6AHnB+LHb9gwA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62283
x-xss-protection
0
origin-agent-cluster
?1
oct.js
static.ads-twitter.com/
57 KB
16 KB
Script
General
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

vary
Accept-Encoding,Host
cache-control
no-cache
content-encoding
gzip
etag
"4328e910de583ad53b3a7a76455af005+gzip+gzip"
accept-ranges
bytes
x-cache
HIT, HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length
15926
date
Mon, 16 Dec 2024 16:49:30 GMT
x-tw-cdn
FT
last-modified
Tue, 29 Oct 2024 20:04:45 GMT
content-type
application/javascript; charset=utf-8
x-served-by
cache-iad-kiad7000059-IAD, cache-fra-eddf8230155-FRA
x-amz-server-side-encryption
AES256
tag.aspx
ml314.com/
38 KB
13 KB
Script
General
Full URL
https://ml314.com/tag.aspx?16112024
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=6sDw2Q==, md5=YyYW/xWCXwMKqzORpY7wQg==
content-encoding
br
age
3457
x-goog-stored-content-encoding
identity
x-cache-hit
hit
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length
39162
date
Mon, 16 Dec 2024 15:51:53 GMT
last-modified
Wed, 24 Jul 2024 19:30:50 GMT
content-type
application/javascript
vary
Accept-Encoding
x-guploader-uploadid
AFiumC7F6h_DHPzlSCcSIMSYSvLsfKxcKfAiPgV47OkUM9Q4hnjaoACQIHSO-ai5BcLhSa1X
cache-control
public,max-age=3600
x-goog-storage-class
STANDARD
via
1.1 google
cache-id
TLV
accept-ranges
bytes
x-goog-generation
1721849450340665
content-length
12522
server
UploadServer
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202411.1.0/
462 KB
112 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.1.0/otBannerSdk.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
8fF3bQBAtsTV4Scm1Tq+rA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD141864E1A335
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
45371
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:28 GMT
content-type
application/javascript
last-modified
Wed, 04 Dec 2024 04:01:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
2371e7f4-d01e-0086-3f09-46c758000000
cf-ray
8f302abacb17c22e-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
114429
x-ms-blob-type
BlockBlob
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4cc0/ Frame 6EC9
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4cc0/sw_iframe.html?origin=https%3A%2F%2Fwww.infosecurity-magazine.com
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJ69SWF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
344877
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 12 Dec 2024 17:01:32 GMT
expires
Fri, 12 Dec 2025 17:01:32 GMT
last-modified
Thu, 12 Dec 2024 10:18:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame B975
0
0
Document
General
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
1025
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29117
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:32:25 GMT
expires
Mon, 16 Dec 2024 17:22:25 GMT
last-modified
Mon, 09 Dec 2024 20:44:42 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
51 KB
4 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1892005857162125&correlator=3978854647793368&eid=31086815%2C31089348%2C31089200%2C31086809&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cfake-captcha-campaign-risks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734367769205&lmt=1734357610&adxs=436&adys=8&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&vis=1&psz=1600x50&msz=728x50&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734367764115&idt=4617&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CIdentity%2520Access%2520Management%252CInternet%2520Security%252CMalware%252CWeb%2520Application%2520Security%252CPhishing%252CThreat%2520Intelligence%252CSocial%2520Engineering%252CAuthentication%2520Tokens&adks=153096743&frm=20&eoidce=1&td=1&egid=38201&tan=16faed0b-93f4-4b32-b7e3-8deeaee82932&tdf=2
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
d1a8667cd562187e0f12c7fc55557749bc4ce1a6652f58fdaca9c523cc5d7ad4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
dcb
google-lineitem-id
6865662437
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 16:49:29 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138500389700
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.infosecurity-magazine.com
content-length
4424
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
51 KB
4 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1892005857162125&correlator=2916162602293432&eid=31086815%2C31089348%2C31089200%2C31086809&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cfake-captcha-campaign-risks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734367769277&lmt=1734357610&adxs=1046&adys=770&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&vis=1&psz=364x331&msz=300x250&fws=0&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734367764115&idt=4617&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CIdentity%2520Access%2520Management%252CInternet%2520Security%252CMalware%252CWeb%2520Application%2520Security%252CPhishing%252CThreat%2520Intelligence%252CSocial%2520Engineering%252CAuthentication%2520Tokens&adks=3658998250&frm=20&eoidce=1&td=1&egid=38201&tan=16faed0b-93f4-4b32-b7e3-8deeaee82933&tdf=2
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
175801e2fef560a4424186e60faedf1ab4490e6ab3f2b9756b081338c8d00c67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
dcb
google-lineitem-id
6865662437
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138500389439
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.infosecurity-magazine.com
content-length
4313
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/
51 KB
4 KB
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1892005857162125&correlator=787962440993146&eid=31086815%2C31089348%2C31089200%2C31086809&output=ldjh&gdfp_req=1&vrg=202412090101&ptt=17&impl=fifs&iu_parts=1165%2Crx_infosecurity_magazine%2Cnews%2Cfake-captcha-campaign-risks&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1734367769300&lmt=1734357610&adxs=436&adys=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&vis=1&psz=1600x50&msz=728x50&fws=512&ohw=0&topics=9&tps=9&htps=10&nt=1&psd=WzE1LFtdLG51bGwsM10.&dlt=1734367764115&idt=4617&cust_params=topics%3DApplication%2520Security%252CCybercrime%252CData%2520Protection%252CHuman%2520Factor%252CIdentity%2520Access%2520Management%252CInternet%2520Security%252CMalware%252CWeb%2520Application%2520Security%252CPhishing%252CThreat%2520Intelligence%252CSocial%2520Engineering%252CAuthentication%2520Tokens&adks=839117267&frm=20&eoidce=1&td=1&egid=38201&tan=16faed0b-93f4-4b32-b7e3-8deeaee82934&tdf=2
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
42576f301f888cb1da1a37421b18aeb380f10b159a3e03627c9981c9bf759658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
dcb
google-lineitem-id
6865662437
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
138500389700
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://www.infosecurity-magazine.com
content-length
4334
x-xss-protection
0
server
cafe
container.html
cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BAB5
0
0
Document
General
Full URL
https://cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:49:30 GMT
expires
Mon, 16 Dec 2024 16:49:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
insight.beta.min.js
snap.licdn.com/li.lms-analytics/
40 KB
14 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.beta.min.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.24.77.43 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a184-24-77-43.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=25267
content-encoding
gzip
x-cdn
AKAM
x-content-type-options
nosniff
accept-ranges
bytes
content-length
14634
date
Mon, 16 Dec 2024 16:49:29 GMT
last-modified
Tue, 26 Nov 2024 13:42:26 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/
3 B
369 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=570787078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&ul=he-il&de=UTF-8&dt=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAACAAI~&jid=238393222&gjid=1314348740&cid=1167938268.1734367769&tid=UA-7632735-1&_gid=1692204598.1734367769&_r=1&_slc=1&gtm=45He4cc1n81MJ69SWFv78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=721907625
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:29 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
collect
www.google-analytics.com/
35 B
407 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=570787078&t=pageview&_s=1&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&ul=he-il&de=UTF-8&dt=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAACAAI~&jid=&gjid=&cid=1167938268.1734367769&tid=UA-7632735-1&_gid=1692204598.1734367769&gtm=45He4cc1n81MJ69SWFv78347448za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1569702736
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age
77586
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 15 Dec 2024 19:16:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
580638648955413
connect.facebook.net/signals/config/
79 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/580638648955413?v=2.9.179&r=stable&domain=www.infosecurity-magazine.com&hme=b8122d5d96cd6f542162ba4f497489972d1ebe228d24c39d34f560e30ae932ce&ex_m=70%2C122%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C173%2C176%2C188%2C184%2C185%2C187%2C29%2C101%2C53%2C77%2C186%2C168%2C171%2C181%2C182%2C189%2C132%2C41%2C191%2C192%2C34%2C144%2C15%2C50%2C197%2C196%2C134%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C169%2C172%2C141%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
2f66cf25254aed9cc93405fb52c07e6750328dcc77551074c82679bf26ec07cd
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-HabhWu6F' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 16:49:29 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-HabhWu6F' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
MODERATE; q=0.3, rtt=159, rtx=0, c=76, mss=1232, tbw=74422, tp=73, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
turl0Nr5PK/QqOtr5ewzIJrSG9eB51Ld2+XKHRZx26ob4PD56IgyrdkIv34cUvWyH9se+dCICFaCLejEaKzkgQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
px.ads.linkedin.com/wa/
0
315 B
XHR
General
Full URL
https://px.ads.linkedin.com/wa/
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Content-Type
text/plain;charset=UTF-8

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 2BBCFE2529E443D280310B4A2163D4C5 Ref B: TLV30EDGE0416 Ref C: 2024-12-16T16:49:30Z
x-li-fabric
prod-lva1
access-control-allow-credentials
true
x-li-uuid
AAYpZfbioyW50oyCFFn+Bw==
x-li-proto
http/2
access-control-allow-origin
https://www.infosecurity-magazine.com
x-cache
CONFIG_NOCACHE
date
Mon, 16 Dec 2024 16:49:30 GMT
vary
Origin
/
www.googleadservices.com/pagead/conversion/875375440/
5 KB
3 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/875375440/?random=1734367770139&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
3405f81271e874078a2cff63ead16afffa5d14f2a96188401d245b26c3fa0ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
2632
date
Mon, 16 Dec 2024 16:49:30 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
875375440
td.doubleclick.net/td/rul/ Frame F75F
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/875375440?random=1734367770139&cv=11&fst=1734367770139&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:49:30 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
attribution_trigger
px.ads.linkedin.com/
2 B
766 B
XHR
General
Full URL
https://px.ads.linkedin.com/attribution_trigger?pid=5460932&time=1734367770374&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*
Referer

Response headers

x-li-pop
afd-prod-ltx1-x
content-encoding
gzip
x-fs-uuid
00062965f6e409911536c53756a0e1ef
x-msedge-ref
Ref A: 570BAE42E8C0423DB797BF661FB9EA92 Ref B: TLV30EDGE0421 Ref C: 2024-12-16T16:49:30Z
x-li-fabric
prod-ltx1
x-restli-protocol-version
1.0.0
access-control-allow-methods
GET, OPTIONS
x-li-uuid
AAYpZfbkCZEVNsU3VqDh7w==
x-li-proto
http/2
access-control-allow-origin
*
x-cache
CONFIG_NOCACHE
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
application/json
access-control-allow-headers
*
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-cam...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-cam...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D5460932%26time%3D1734367770374%26li_adsId%3D18e865bb-1fe1-4755-b9b1-3a338fa18076%...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-cam...
0
163 B
Image
General
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2&cookiesTest=true&liSync=true
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

linkedin-action
1
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 31BB0955DE714EC7A6CE9AEAB1748D2D Ref B: TLV30EDGE0416 Ref C: 2024-12-16T16:49:31Z
x-li-fabric
prod-lva1
x-li-uuid
AAYpZfb03r5EDZyOAg4piQ==
x-li-proto
http/2
x-cache
CONFIG_NOCACHE
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
application/javascript

Redirect headers

linkedin-action
1
cf-cache-status
DYNAMIC
x-li-fabric
prod-lva1
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-li-proto
http/2
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 16:49:31 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000
x-li-pop
cf-prod-lva1-x
content-security-policy
frame-ancestors 'self'
cache-control
no-cache, no-store
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=5460932&time=1734367770374&li_adsId=18e865bb-1fe1-4755-b9b1-3a338fa18076&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tm=gtmv2&cookiesTest=true&liSync=true
pragma
no-cache
cf-ray
8f302acbe82dc22e-TLV
x-li-uuid
AAYpZfbvkeK+r3I61dz5qQ==
content-length
0
server
cloudflare
en.json
cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/
82 KB
17 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/consent/6b575081-117f-49ba-bff7-347875107505/018e2cd8-c28b-750d-9e58-7ba1eec301f0/en.json
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01363ea36a461108817250e3608c09dffd0058064fbc26a27d446d6a32ad2142
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
wKF6ksed7FU3s12pfatXAA==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
cf-cache-status
HIT
etag
0x8DD153B22220E9A
age
28992
x-ms-lease-status
unlocked
x-content-type-options
nosniff
x-ms-version
2009-09-19
expires
Tue, 17 Dec 2024 16:49:30 GMT
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
application/json
last-modified
Thu, 05 Dec 2024 14:43:07 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin, cross-origin
x-ms-request-id
5df5f9cf-a01e-0082-5e24-4732da000000
cf-ray
8f302ac5cd06c233-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
17586
x-ms-blob-type
BlockBlob
server
cloudflare
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&rl=&if=false&ts=1734367770550&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734367770542.92645164175152731&cs_est=true&ler=empty&cdl=API_unavailable&it=1734367769810&coo=false&rqm=GET
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=137, rtx=0, c=24, mss=1232, tbw=8273, tp=14, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
199 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=580638648955413&ev=PageView&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&rl=&if=false&ts=1734367770550&sw=1600&sh=1200&v=2.9.179&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1734367770542.92645164175152731&cs_est=true&ler=empty&cdl=API_unavailable&it=1734367769810&coo=false&rqm=FGET
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra5.facebook.com
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7449052851405515175"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
SjeMl/QwLt0biMo34AcHgQz7n6jowoWHYwUA8pT03YOFOOpEQ8v2tveJlnrzpNNgeW0QO1eLIk+tL/fe97Swgg==
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7449052851405515175", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
GOOD; q=0.7, rtt=132, rtx=0, c=26, mss=1232, tbw=8773, tp=20, tpl=0, uplat=137, ullat=0
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' 'report-sample' 'nonce-t2MrqDnu' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
collect
analytics.google.com/g/
0
0
Fetch
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-8VSXE5KKGM&gtm=45je4cc1v898772242z878347448za200zb78347448&_p=1734367766537&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=1167938268.1734367769&ul=he-il&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1734367770&sct=1&seg=0&dl=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&dt=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&en=page_view&_fv=1&_ss=1&tfd=7558
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:30 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
564 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8VSXE5KKGM&cid=1167938268.1734367769&gtm=45je4cc1v898772242z878347448za200zb78347448&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8VSXE5KKGM&l=dataLayer&cx=c&gtm=45He4cc1v78347448za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.184.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wa-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.infosecurity-magazine.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 0B71
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-8VSXE5KKGM&gacid=1167938268.1734367769&gtm=45je4cc1v898772242z878347448za200zb78347448&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&z=791757358
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:49:31 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.co.il/ads/
42 B
408 B
Image
General
Full URL
https://www.google.co.il/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8VSXE5KKGM&cid=1167938268.1734367769&gtm=45je4cc1v898772242z878347448za200zb78347448&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102081485~102198178&tag_exp=101925629~102067555~102067808~102081485~102198178&z=1854915726
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 431B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsudAb1Jlcbro5of3TKoUeluLkHQDiB3Wj7MmcMrvE91zX13xH3kOq5UJPC3_Uhl1vhdDu_eEHMjC4_g9k64sZXphcbr9DBZtqSRv297ki0fGNuNPMfsM-o8sl38M2GmQAKte1_zrKGiK83-D9rbIU7VjmuGuBL9vEuPemSRTpbu2d8yRCTkxhc0w1OXbACCuF5k7897pyi2s7X9_2Epph_UhoRC2oBNE8QzfCx7BVDz2Wm9Za-5tcMQUizN_X1CGoSs5giZK6zTMiucxFkkO1nnusGDoWfk9xiFtRoIqMosYa-8Us2OhUoWkfqdTHvEKvGwMNjRJ_J-Nq1S8WnWiZ159VxjN_Cm_A2XmH3NJrfYbHem0YXWtbvtILqAMMgwA24XriC42SsO6adJ7Dak9T8LRzCwPyMSqPlJWAX4r-RDlRg0geQ4SLpdlQmIe4wpA4i3ibMrEaBf&sai=AMfl-YRsujtnjSe_OFNVVm4jJ0V3QNsU4JaBQzYe5zA4t8J0EHlt-RV27AdXb8S5dKHQ0wbiMZRNIvBJIUpKNpVbqWslWLEdvr6Ws0OxMjJkMoNhTE1X4qwlChlxYolAuTPQMwaFSsL4KC-zcN7ec83LOQ&sig=Cg0ArKJSzPXwLjqsokU7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 431B
3 KB
2 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6567774568227038691
age
1557
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 16:23:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:23:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 431B
218 KB
67 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
15965780714114583650
age
2168
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 17:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:13:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
14807556918793490054
tpc.googlesyndication.com/simgad/ Frame 431B
83 KB
84 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14807556918793490054
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age
546482
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:01:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Dec 2024 09:01:29 GMT
last-modified
Mon, 09 Dec 2024 10:08:14 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
85268
x-xss-protection
0
server
sffe
adsct
t.co/i/
43 B
630 B
Image
General
Full URL
https://t.co/i/adsct?bci=1&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=1&event_id=f3e5d682-bf79-4cfe-a642-c0c85d4bfb68&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=34cd9839-d5c6-4a26-b322-ca1454124033&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.31
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=0
x-transaction-id
0e4a3d6ea3cb4c53
cache-control
no-cache, no-store, max-age=0
x-connection-hash
505e6f0afd9fcab6579f38b850d8f1e86c7343368788cdb5b123e90cd90918cc
cf-cache-status
DYNAMIC
cf-ray
8f302acabd7aed42-TLV
x-response-time
183
content-length
43
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
image/gif;charset=utf-8
perf
7402827104
server
cloudflare tsa_o
adsct
analytics.twitter.com/i/
43 B
393 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?bci=1&dv=Asia%2FJerusalem%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2610%2624%261600%261200%260%26na&eci=1&event_id=f3e5d682-bf79-4cfe-a642-c0c85d4bfb68&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=34cd9839-d5c6-4a26-b322-ca1454124033&tw_document_href=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o7tzd&type=javascript&version=2.3.31
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=631138519
x-transaction-id
c81a10008d889c75
cache-control
no-cache, no-store, max-age=0
x-connection-hash
6a314a5f1dad2e6da7246cf43a015dda27c5f92d7e52185f6561ebe45a3036ab
x-response-time
179
content-length
43
date
Mon, 16 Dec 2024 16:49:30 GMT
perf
7402827104
content-type
image/gif;charset=utf-8
server
tsa_f
truncated
/ Frame 431B
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaca6fbddd7f2412dc5cea94293a1d2a9e9a2ab06f853982b09d11381dc08e01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
utsync.ashx
ml314.com/
62 B
237 B
Script
General
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=81370&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&pv=1734367771230_1y06tc25y&bl=he-il&cb=776359&return=&ht=&d=&dc=&si=1734367771230_1y06tc25y&cid=&s=1600x1200&rp=&v=2.7.4.212
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
79.77.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
via
1.1 google
expires
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
application/javascript
server
Google Frontend
ud.ashx
in.ml314.com/
20 B
482 B
Script
General
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=16112024&v=2.7.4.212
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.175.32.137 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-175-32-137.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Cache-Control
public
X-AspNet-Version
4.0.30319
Content-Encoding
gzip
Connection
keep-alive
Expires
Tue, 17 Dec 2024 16:49:32 GMT
Content-Length
138
Date
Mon, 16 Dec 2024 16:49:31 GMT
Content-Type
application/javascript; charset=utf-8
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
view
securepubads.g.doubleclick.net/pcs/ Frame 6B1B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYp66JIUeEFSTAVcoPYBsy-KjNg3-8N2eQaiA0UkEHOpZfSTW6CHl_bwXVTNnlOOQrjOY7gR1oB-xEPN9RagR6BX4tr68MTFgfYmZF6wgCc3F4u7hWLUCQ2zLk_sAqnARZPpJBt9_YUq9YpO6swAPjA9-dCSSsLfmE3cfDm_DO9xhpGHvob_ImuRQixYQRAUXEYS0rSEi1iG_vGbqdcNWsY0Sz50xFKVQtNnVLcyzlMrtJaFBI7851EnDjitK-tFSQRHHLs4JW33T7mFV1ZU6dMQsc2iGcSR8Q9KTOHAujN-PQFToFndoTCMCGmlXvponCMkg5EozkemV5RdivjCjht0nZbPD9WsGZijrYKiUxlzlVF9PjD00nLSkNtgpwoZAYhwLgZ4sTwTcM3sKs6aDp7FPBxDHpligTzbWS-cBI3Yx48u0xwTCIN74qnT7XzEmxoe3MuZRT&sai=AMfl-YRFPEavoOx0GH2HtEkXM_NklOcuDk0FrE34c8YpOQZNu1QLK224t2e7rxZaRbWsXP72eR-lHlinI0KNyyx8VTIZccwiUQF7-KEgbETuYAfO9O1584sbiXs2sK0jNvb9E6RTyAzhXMcIG5z-PDB_&sig=Cg0ArKJSzD94M_0g1vygEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame 6B1B
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6567774568227038691
age
1557
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 16:23:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:23:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 6B1B
218 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
15965780714114583650
age
2168
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 17:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:13:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
3987499950302233422
tpc.googlesyndication.com/simgad/ Frame 6B1B
91 KB
92 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/3987499950302233422
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
18112857f1e349075b55369c6789129b8e7e9ba4be9e6e6d67fa36ebe89351b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age
545662
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:15:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Dec 2024 09:15:09 GMT
last-modified
Mon, 09 Dec 2024 10:08:57 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
93626
x-xss-protection
0
server
sffe
view
securepubads.g.doubleclick.net/pcs/ Frame A58B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvRLI3z2IUENhVkNXPGVM0vpjtdkskKcBu4Ov8nA3ihqRbzYNQzg0ISc_Z51RZbxcS_n_zp9rU1XC7l1gVHPoPoa2h1ed2IBqvqysKiwU7wm0flsxmXnGuDRHsSQKAVjtAJdcksLKZ1ZluQoRyJAfTdqGiZWEVNxsm8dc4mQ1wwfh2rt_fksL251fQp3wSLfv5hdSOZSw5JL_QSiCusZM3ZXSqEXdi0bS6y9IRjLWUQxeW2vssNh81YLJa6xs52-kdGVV6uR-p58H94_0yeCbRBw-6CGBrt6I8hWGNLdrutwCyFpqHaYqW7ERYa3EWJboFKpZodqGoE_-L9eEhd_qVOBrhGbHgFU97tOkJ5jacMS1996AjICcXzOdorj8U1XlHa3ge6zzEgcxgEaNB_2d_b5XH7-A_ytC3d5_mJ5yWoOJ7-eYoqavrFxxltVnTzgDqQkfCOz4Or&sai=AMfl-YQ8OKDAy5L0hfh4fRkmDLLWF6Gtwz6z9VckovwB3OTkGLFGydQHiV2mC_owFdyVhXKEa6miO6fQjxqteCvjyq-94mQXXrH6L9VmqnVJ4ZZBEXnTObsvIpav3lGCJEFTNOiFreqHpOwRpDtNmQfjlw&sig=Cg0ArKJSzDl1kv1hqIz7EAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
14807556918793490054
tpc.googlesyndication.com/simgad/ Frame A58B
83 KB
0
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14807556918793490054
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

age
546482
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
x-content-type-options
nosniff
expires
Wed, 10 Dec 2025 09:01:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
allow-fenced-frame-automatic-beacons
true
date
Tue, 10 Dec 2024 09:01:29 GMT
last-modified
Mon, 09 Dec 2024 10:08:14 GMT
content-type
image/png
cache-control
public, max-age=31536000
timing-allow-origin
*
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
content-length
85268
x-xss-protection
0
server
sffe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/ Frame A58B
3 KB
0
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20241212/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
6567774568227038691
age
1557
x-content-type-options
nosniff
expires
Mon, 30 Dec 2024 16:23:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:23:34 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1234
x-xss-protection
0
server
cafe
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A58B
218 KB
0
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202412090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
etag
15965780714114583650
age
2168
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 17:13:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 16 Dec 2024 16:13:23 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=ISO-8859-1
vary
Accept-Encoding
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
69026
x-xss-protection
0
server
cafe
truncated
/ Frame 6B1B
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
411817052fafe5b730ea57d0d5fd33ad462e6ba141503108ea32a118f0c15f8f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
truncated
/ Frame A58B
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
211c3a65a580361b495165518208e385e3299014e0235866e632397acb9d9a84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
/
www.google.co.il/pagead/1p-conversion/875375440/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13...
  • https://www.google.com/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_...
  • https://www.google.co.il/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&ta...
42 B
154 B
Image
General
Full URL
https://www.google.co.il/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIufmHt9-sigMVp94RCB1iFzEiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEFJZ0x6X3VnWVFoUE83NjRMV3hzMVVFaTBBU2xiZlA1anRpYV9LcHc4ZTlPdkFFTV8wSlRLaTdHRmlfN0I1VTJyMEVJVDRSaXJPbVhycGZmR2dNUjQ&is_vtc=1&cid=CAQSKQCa7L7dfBK1SUJZ1PNyheZIbWQ05dbQEjdFAfdfQtO7lWLYjt3dfj0H&eitems=ChAIgLz_ugYQhsK70YnlyZZCEh0ADbz98-cAd4eDMyayCQun2okyIaL0cT0L3lcM5Q&random=3153316715&ipr=y
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://www.google.co.il/pagead/1p-conversion/875375440/?random=947975506&cv=11&fst=1734367770139&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457z878347448za201zb78347448&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&label=a2QGCPW5tqwZENDWtKED&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&value=0&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgixw7ECCIrFsQIIwsmxAgjrxrECCKPFsQII08WxAkoVdHJpZ2dlciwgZXZlbnQtc291cmNlWgMKAQFiBAoCAgM&pscrd=IhMIufmHt9-sigMVp94RCB1iFzEiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSQldDaEFJZ0x6X3VnWVFoUE83NjRMV3hzMVVFaTBBU2xiZlA1anRpYV9LcHc4ZTlPdkFFTV8wSlRLaTdHRmlfN0I1VTJyMEVJVDRSaXJPbVhycGZmR2dNUjQ&is_vtc=1&cid=CAQSKQCa7L7dfBK1SUJZ1PNyheZIbWQ05dbQEjdFAfdfQtO7lWLYjt3dfj0H&eitems=ChAIgLz_ugYQhsK70YnlyZZCEh0ADbz98-cAd4eDMyayCQun2okyIaL0cT0L3lcM5Q&random=3153316715&ipr=y
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
js
www.googletagmanager.com/gtag/
291 KB
99 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-875375440
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.40 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
021658094e9c63e2de661c4af87e3ccd5a370e7caf8a70666173cc8578acb383
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Mon, 16 Dec 2024 16:49:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Mon, 16 Dec 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
101741
x-xss-protection
0
server
Google Tag Manager
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/
9 KB
3 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCenterRounded.json
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
axHCM7K/XWJYJsdaKqr9wQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD141861A7CAE1
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28993
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
application/json
last-modified
Wed, 04 Dec 2024 04:01:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
26e935d1-301e-00c3-3e24-471ac9000000
cf-ray
8f302acbdbbcc233-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
2597
x-ms-blob-type
BlockBlob
server
cloudflare
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/
62 KB
15 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otPcCenter.json
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf05b33db78a3d7912dac0ca71269dcd90f16451fbafa610f5399c8117597b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
01XeOgI0x6emiMaXG0bOdQ==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding
gzip
x-ms-version
2009-09-19
etag
0x8DD141861903EA3
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28993
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
application/json
last-modified
Wed, 04 Dec 2024 04:01:50 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
8faf2123-f01e-00f7-4024-47b561000000
cf-ray
8f302acbdbc3c233-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
15013
x-ms-blob-type
BlockBlob
server
cloudflare
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202411.1.0/assets/
24 KB
4 KB
Fetch
General
Full URL
https://cdn.cookielaw.org/scripttemplates/202411.1.0/assets/otCommonStyles.css
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
A9jekd5UoO8SyzJ6LiStug==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
28993
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:31 GMT
content-type
text/css
last-modified
Wed, 04 Dec 2024 04:02:00 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
6fa1085b-801e-001d-3f24-474a60000000
cf-ray
8f302acbfbd3c233-TLV
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 431B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4wicPpHejhAfDp4H9Vqu-LOTvvtQ5e_ytqpdd0hvKTuziTOV0OIGkhfRnnFS9ae9W9E_MhgmE5JjiXPrDtAXHkzCy5FcYwdID7csmADwO6ILaRwyYgkzXI9nJA-W-5PioGqjc-mBJOfF1u44enUTQ04b9Jc4gbCoUGeYmtkcgpDRm_KAl9NgpFoGdWwbemAjK3hjHq9r4DCY7CXeZ94cRZaZKoQT6f0HrlZp8qwoxDJLvLkNuore-ocFHBv4OpTb_i5DPmhGTzB24YjwGo_bgHgCFouMOTeQdT_Qj7ZjvKVSxc9vBnct_G9qKlTzliQriARP-KWvts2sJp3-_Drm8yrgSWQPVE9lnE3NkJ51FRBfnz4Wx8YhaRwp-N5dPavXeUGYx1cJ0RK7K8jFs-cgHrfIRP8RnHcwloIzihKCMIdyX-E2I9Sjbwa9B9cbV21pfF4sdnONskfE&sai=AMfl-YQNAj4-yWx728NfP7YFKOUFPqyockU9k-fNoVmFVN-Lk0j-5uu48VFfdCQOAKrsv7DHBG-eDkn0TWzni3v0ffHeNVwOfQwoV7rvcbzHNYbvxky1moHTudizfxSahDhMUbdp6Gi8BuQh4Aw2OEKNJQ&sig=Cg0ArKJSzA7ZT2pnT0bGEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:31 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:31 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B1B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 6B1B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu_ZGzUAzw0wuCIpdK10BD3ap4rTyg5ZKxz44Rcj0KYsZKlZF3zurTJfE6yU09oz6ubZLUMsHgKkatUTSF2WMfMCnMfBK1wwOWecX3PHoizHIkePyWvpO8mtaqyDN0QOKwWVFKr-VADdylNTUB_QDK8bA2FdKSs9sJJJ_by5oRMOXRiPJDWLmc-8aGk5DLlrMS7w4ijw1uJ2_8VuHeOKjIWJE03wsKO28m2yKu3spkAqGod8-lvkVH91m1fg_4RiLwkX5y82IjXgqUG3qD0ziTPo5hWEBV70mciw9PrC1hcS_n6lY3b20P95N9PLDMTZ56O6wcF75xjKhdDWnFRuG2TgqpmlNFIK7mdvktMCAW7TeE1h_mxMSayqusim--boZA2rH5YcPWpKCDnHNUa6CUvtzsYS3ATzO2x498o2PYs5kNtO6NIbjFaq-eNWhK-UgK9AtzUz-1jXAA&sai=AMfl-YQoKju_JMEkUhHR9TnhnVWBIK5cT3g53a_fzwQPW00vPyn0wkQv0sIxWepvTA5EupRGJXNq37Wja9_xr8zDPWuckBk3tfhK6-vjhpizMNoKz3R8V_QBaAwvvQXXlItl_U8F9n836pfpIQ04E9TN&sig=Cg0ArKJSzKtk-EPr1edaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame A58B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=colleague-executed&name=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame A58B
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssx2qDjuAu0JUomI0RTcGmOVS4zACQid5UQcARcAj4lY5e2DQexu6wwycpDV6WV8mglzmjoKWfTmk_6-EF9UbscHecuuByVhiSL7pfzj5935wnxL2XFLMaySt7hRK_HdzxlyTjqvtnPalAY2wHNOLyEZYu2_4fGkMHYZc-dKdE6Zw_5yban2BrX1OXgeSsPLkD8KCRQY_tzt8yh4KS_jCj64goTztNPRN6ITcqFMrAP2FArQYet2WKzmlBncU8q40p2zpD_ZBg9B9H79slFuXF_Co-JM2dQMYGR2OJHU5fLLG690HVenAq-0RfFbxkMZmaQeNRUm0zbPynuQ73EgP8txsjF7k3etGec9WntLETnFYgNSLA5zLwMd855nm7cj2AIjYvGACrCWRptXeD6zcuBrFwvRm6DfvaLjxEMKMg1Kv3UQwhdPNLImSEB--OnA_9ggC80TBt1VIk&sai=AMfl-YRWAYQlObaPTmY-amZpM5r55GEaGr9IDR5YL3xQlgmmyEkrD5Ibv9r1H0HjdZ4wnOcDqbqJhXEB0BARyl51_JSx5BjpNvh3n2lws-vPFs--MvioVwrPX_YU_98uAKcii090A7WOcNMHj1e7n2_9VQ&sig=Cg0ArKJSzLhRGET5-zVtEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private
timing-allow-origin
*
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:32 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 431B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6B1B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame A58B
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=av-js&type=reach&proto=CAlgAWACaAM%3D
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
0
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/875375440/?random=1734367772059&cv=11&fst=1734367772059&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
db5c53c14d38c533ffb508455c4aba4147dee94a0e5afe5c634fba3a3fdc8fc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2333
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
875375440
td.doubleclick.net/td/rul/ Frame 1FB6
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/875375440?random=1734367772059&cv=11&fst=1734367772059&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:49:32 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.google.com/pagead/1p-user-list/875375440/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/875375440/?random=1734367772059&cv=11&fst=1734364800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dtYfskPrSra208Og2L4ZRvU7496NzIByqzTb9GENW-JMmiYes&random=3235562499&rmt_tld=0&ipr=y
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f100.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.co.il/pagead/1p-user-list/875375440/
42 B
64 B
Image
General
Full URL
https://www.google.co.il/pagead/1p-user-list/875375440/?random=1734367772059&cv=11&fst=1734364800000&bg=ffffff&guid=ON&async=1&gtm=45be4cc1v892578457za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102081485~102198178&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&hn=www.googleadservices.com&frm=0&tiba=Fake%20Captcha%20Campaign%20Highlights%20Risks%20of%20Malvertising%20Networks%20-%20Infosecurity%20Magazine&npa=0&pscdl=noapi&auid=51333159.1734367768&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dtYfskPrSra208Og2L4ZRvU7496NzIByqzTb9GENW-JMmiYes&random=3235562499&rmt_tld=1&ipr=y
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.206.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
nr-spa-1216.min.js
js-agent.newrelic.com/
49 KB
19 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-spa-1216.min.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.247.243.39 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=300
cache-control
public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
content-encoding
br
etag
"63e2df852d15ab21d7ff8fc4363222e8"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT
content-length
19141
date
Mon, 16 Dec 2024 16:49:32 GMT
last-modified
Wed, 18 Oct 2023 21:31:16 GMT
content-type
application/javascript
x-served-by
cache-fra-eddf8230104-FRA
x-cache-hits
88459
vary
Accept-Encoding
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202412090101&st=env
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
902d02d0acf3fc069552c1e5ca214885969fdde60622840985fbc9d84c83b0d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
13271
date
Mon, 16 Dec 2024 16:49:32 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
RX_Logo_-_primary_logo_for_everyday_use.png
cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/
51 KB
51 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/c7f35e9f-bc78-43c8-9f0e-7cd83009704c/d5d2d0ac-164a-4501-8141-3a264a81333e/95f66c83-9442-43f5-9fb4-8a136c33442a/RX_Logo_-_primary_logo_for_everyday_use.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
yxwPB4FKahj/CgrZY2+Gbg==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
etag
0x8D9559A5FD49D88
age
24958
cf-cache-status
HIT
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:32 GMT
content-type
image/png
last-modified
Mon, 02 Aug 2021 09:46:17 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
974d7327-c01e-00bb-7acc-42727e000000
cf-ray
8f302ad349bcc22e-TLV
accept-ranges
bytes
access-control-allow-origin
*
content-length
52319
x-ms-blob-type
BlockBlob
server
cloudflare
powered_by_logo.svg
cdn.cookielaw.org/logos/static/
5 KB
2 KB
Image
General
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.86.42 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-md5
Y+c301RBZNK39PvKQWrIBw==
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
x-ms-lease-status
unlocked
cf-cache-status
HIT
age
37601
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 16 Dec 2024 16:49:32 GMT
content-type
image/svg+xml
last-modified
Sat, 14 Dec 2024 03:35:43 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-ms-request-id
769832aa-201e-0093-5824-4e05c1000000
cf-ray
8f302ad349bfc22e-TLV
access-control-allow-origin
*
x-ms-blob-type
BlockBlob
server
cloudflare
favicon.ico
www.infosecurity-magazine.com/
15 KB
17 KB
Other
General
Full URL
https://www.infosecurity-magazine.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-111.fra60.r.cloudfront.net
Software
RX /
Resource Hash
298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/

Response headers

etag
"c9436846ac6d91:0"
age
29271
x-content-type-options
nosniff
access-control-allow-methods
*
x-cache
Hit from cloudfront
x-ua-compatible
IE=Edge
x-amz-cf-id
5fK1HU_nZSt1JK5qzW68siUtf9VS7nJ_wToUbDduCnmzhooSMLz0OA==
date
Mon, 16 Dec 2024 08:41:41 GMT
content-type
image/x-icon
feature-policy
accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; battery 'none'; camera 'none'; display-capture 'none'; document-domain 'self'; encrypted-media: 'none'; execution-while-not-rendered 'none'; execution-while-out-of-viewport 'none'; fullscreen 'self'; gamepad 'none'; geolocation 'none'; layout-animations 'self'; legacy-image-formats 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; navigation-override 'none'; oversized-images 'none'; payment 'none'; picture-in-picture 'self'; publickey-credentials-get 'none'; speaker-selection 'none'; sync-xhr 'self'; usb 'none'; web-share 'self'; xr-spatial-tracking 'none'
last-modified
Thu, 03 Aug 2023 12:59:01 GMT
access-control-allow-headers
Content-Type
x-frame-options
SAMEORIGIN
content-security-policy
default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
referrer-policy
same-origin
via
1.1 b43c04a791e8dcb8ddb6bb0847fcf95a.cloudfront.net (CloudFront)
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), cross-origin-isolated=(), display-capture=(), document-domain=(self), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(self), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), navigation-override=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(self), usb=(), web-share=(self), xr-spatial-tracking=()
accept-ranges
bytes
content-length
15406
x-xss-protection
1; mode=block
x-amz-cf-pop
FRA60-P3
server
RX
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 16 Dec 2024 16:49:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 16 Dec 2024 16:49:33 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
activeview
pagead2.googlesyndication.com/pcs/ Frame 431B
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu8QJqriOLoNZEVj0C0WVEKiZ56z0JdII2zKRjRTYXekhyJ_GKAV_QP1U85RkYYGnq8zdqKtHBWDnZSXhCilZ2H1ZrNqh1T5_g7n8TTjo3MaSED1Hu-QhF_Y8-qEKe_FWMY2PT1-ICa1Zd0jcNpL2tp3f65xBYBx1pknMhIv4R3AuAWgC7ANch-y5IOlRBm9Q4Zvw&sig=Cg0ArKJSzBQ0UhlavEUrEAE&id=lidar2&mcvt=1000&p=8,436,98,1164&tm=1135.099998474121&tu=135.5&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=153096743&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3030057100&rst=1734367771034&rpt=784&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 6B1B
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXDp63fcgrY8rj1KLbNGAnA3Epi23IjKXx758EedGdZuN-oK3dTjnCglk_n2YeyBjhvJh-Kzx6jU6CnJSnAsOWmbTDoW3JhccJ43EVvabblWhqycVDvQ-PeVwgYCr3uTAyuY1mmp4TEvmOjFIfU_GfHhiWt77glWvzlaaB41OhvfUVOxvJUWHTiQi1F9wDSmZhFQ&sig=Cg0ArKJSzJ38CEwcIQSlEAE&id=lidar2&mcvt=1004&p=809,1046,1059,1346&tm=1028.2000007629395&tu=23.80000114440918&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3658998250&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3030057100&rst=1734367771323&rpt=598&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
NRJS-70b3f9b2c6f17cc4471
bam.eu01.nr-data.net/1/
87 B
642 B
Script
General
Full URL
https://bam.eu01.nr-data.net/1/NRJS-70b3f9b2c6f17cc4471?a=241052313&v=1216.487a282&to=MhBSZQoZXxEDUkdRWQtacWIoV0UHD0FfWUIABh9GHRpBAwVUHVlFFQ0%3D&rst=9874&ck=1&ref=https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/&ap=8&be=1539&fe=9363&dc=3882&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1734367763138,%22n%22:0,%22f%22:1,%22dn%22:2,%22dne%22:30,%22c%22:30,%22s%22:109,%22ce%22:771,%22rq%22:771,%22rp%22:952,%22rpe%22:997,%22dl%22:977,%22di%22:3882,%22ds%22:3882,%22de%22:3883,%22dc%22:9363,%22l%22:9363,%22le%22:9505%7D,%22navigation%22:%7B%7D%7D&fp=3779&fcp=3779&jsonp=NREUM.setToken
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.23 , Ireland, ASN54113 (FASTLY, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
300735ac477bb7e09ce2725f0031b085e5c86f09903d053ac8e44596731d8780

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-expose-headers
Date
timing-allow-origin
*
x-envoy-upstream-service-time
3
cross-origin-resource-policy
cross-origin
Connection
keep-alive
access-control-allow-methods
GET, POST, PUT, HEAD, OPTIONS
access-control-allow-credentials
true
access-control-allow-origin
*
Content-Length
87
date
Mon, 16 Dec 2024 16:49:33 GMT
content-type
text/javascript
x-served-by
cache-fra-eddf8230030-FRA
server
istio-envoy
activeview
pagead2.googlesyndication.com/pcs/ Frame A58B
42 B
65 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcqnnn_HsgMU4wsN8SY5aoyYmXJ5LicGtnPepf_n-QpkbDQqG2MgmZoVxw6514t1sbUSohs0oM1iXL_Webl7ccLFp7T92IxtnFQd8kQXMzP7i83dJp1lNf-P3Y7fHoUEHaPZc0fgNL1ysSygrHb61dJZ06nXwZICULtX1sfGMrmXkk_bPOrkGk-ZuzY3qI6Sk9Qg&sig=Cg0ArKJSzOceEvwtXjebEAE&id=lidar2&mcvt=1000&p=1102,436,1192,1164&tm=1033.3000011444092&tu=33.30000114440918&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20241204&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=839117267&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=3030057100&rst=1734367771369&rpt=620&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&fle=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Mon, 16 Dec 2024 16:49:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 06A2
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
2153
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:13:40 GMT
expires
Mon, 16 Dec 2024 17:03:40 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2F61
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: www.infosecurity-magazine.com
URL: https://www.infosecurity-magazine.com/news/fake-captcha-campaign-risks/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.23.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f100.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-MADUhGSvL4-zK8pv8NnUUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-MADUhGSvL4-zK8pv8NnUUg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 16:49:33 GMT
expires
Mon, 16 Dec 2024 16:49:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202412090101&jk=1892005857162125&bg=!zM-lz4DNAAbtGp3CzRo7ADQBe5WfOLQyQfD18fxlykpMyplsR-zPSIRUor7pLv4ej-fpvMAFgZxtXqSrI4ljeDgu9QUvAgAAANBSAAAABGgBB34ANpOJKFnXztvE189d5aYO04IZsBj98tjbz7CKUZI3XN6yRW86aqtVgLX0bO76egGJgXKeNmG1o5kCtVLGehtypB-kNUM-UF8rA_V_1Kzh5i0JdhQsC-6INXBa9WPic7s0OASQDu-QQQAobWx7ycz08Ve0ccOQyinzXpt0wi0fN9Dug-qXY6MSINVo4FoCJ8O3I0XaZkGm_PXlwWFRI_4uzAYPGZXbmPFQ-EiWCWDOYg48DPFZSaZZoS18l7QxPZtFWAyG1IemKgSldwx5K4qQRzdQWVnuPv235vHLPo8Z67ObVyjOheTniESR7WhRVjgy2ftg2svi1hNWspOEAhWZaSOvtBoNluZUsAjgn0lSC-ghhkRnMoOXWmCSWbwBVFHdkdAq0lQDERNX0ORe50fhSBoz-hiSx8V7fU5p8J1tG9uoNoZ35RK09kKpm500_oeUe_QapVHA0OPyohPRfZpriRcIqUMZAjnR0aNff7yCndShsTDzU3J7O-nuN0vhQEEN0d3susTYLNbdT0v3mTOWlYLJzHt4Cl1gwuAGRMCwu-uL5goP1b87_QOmPjwVBZvMV6clJ9U9itjkiKkXhtDj0G0MsjGx0DhSvHLLmVkQ3jbzS8Nn6Iz53KLKUnzb1t1DMs1sdzzdmFfP2PmmMVQZxvcW-wmUJrBkV0OfzSMf3nq_4ZRvb6C6uRZGM4eptnNs5JL9hRDgYdX7JV-7rPF5Wos2c1gH8XgDpuSWIhohcCDMK_mFqNAtWn_Zzp0uU6whn2S49X8Qey7PNZtBIVJMr4l8p25YyQxjVUCBJhAVGTpXXFhBwLXWgmj3HXIX5nqOcafYa9Yn1KBrr0yx3JQIdlvdKYmkKt2M4vfMsGBILgR8P8C79GeOHIZv3qR3V6S7FTrTC6vJN3ZYtOYSZ91PI13LAj41wBlXaj7VxVvY9LGoXSf24-kiGlJym-wyYWMCH4Sl_IddF4QUBfcgw058_LJ9hQ63vnYX1-77byER1Q

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| NREUM object| newrelic function| __nr_require object| dataLayer function| OptanonWrapper function| $ function| jQuery object| googletag object| ggeac object| google_tag_data object| google_js_reporting_queue object| sharelink number| webpageId string| gptZone object| gptTopics function| _ string| tabbableElements function| openFlyout function| closeFlyout function| openMegaDrop function| closeMegaDrop function| megaDropFocusOutside function| saveResponse function| equalHeights function| moveToAnchor function| scrollToTop function| highlightNavigation object| ism object| OtTrustedType object| google_tag_manager string| GoogleAnalyticsObject function| ga object| _linkedin_data_partner_ids boolean| _already_called_lintrk function| fbq function| _fbq object| _ml string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| google_reactive_ads_global_state object| google_tag_topics_state number| google_unique_id object| gaplugins object| gaGlobal object| gaData function| lintrk object| ORIBILI object| GooglebQhCsO function| onYouTubeIframeAPIReady object| regeneratorRuntime object| twttr object| Optanon object| OneTrust function| gtag object| GoogleGcLKhOms object| google_image_requests

23 Cookies

Domain/Path Name / Value
www.infosecurity-magazine.com/news/fake-captcha-campaign-risks Name: ISM.ScreenSize
Value: 1600
.infosecurity-magazine.com/ Name: _gcl_au
Value: 1.1.51333159.1734367768
.infosecurity-magazine.com/ Name: _gid
Value: GA1.2.1692204598.1734367769
.infosecurity-magazine.com/ Name: _gat_UA-7632735-1
Value: 1
.infosecurity-magazine.com/ Name: _fbp
Value: fb.1.1734367770542.92645164175152731
.infosecurity-magazine.com/ Name: _ga_8VSXE5KKGM
Value: GS1.1.1734367770.1.0.1734367770.60.0.0
.infosecurity-magazine.com/ Name: _ga
Value: GA1.1.1167938268.1734367769
.linkedin.com/ Name: li_sugr
Value: 9fcfe16f-9f43-4080-958f-876105f621aa
.linkedin.com/ Name: lidc
Value: "b=VGST02:s=V:r=V:a=V:p=V:g=3401:u=1:x=1:i=1734367770:t=1734454170:v=2:sig=AQFRgU9DY4KO0RqnLc_iHSLdwTKHqrbx"
.linkedin.com/ Name: bcookie
Value: "v=2&d315b660-a550-4d25-8417-d7a1103a7b67"
.doubleclick.net/ Name: IDE
Value: AHWqTUlmKJchxWy00nz3Qx86cYiGnHftuDbRiOV_-KiJeWY5AzRuU26jo42S4q0K
.linkedin.com/ Name: UserMatchHistory
Value: AQJ5F39bh1usFAAAAZPQX_nHcUCb_TPEjuoU3wDskLBWU0GD4YQKr-pk6hVWuDn8QZsiz8SeodP9qw
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ5aLoI597z1wAAAZPQX_nHBYw3Uz5n1fQN5z33ZB4A7cAUOiCVF96-WbKVPjEHGUN6iq2orHQt0SImVbguXA
.infosecurity-magazine.com/ Name: __gads
Value: ID=bde7204e1a60fbce:T=1734367770:RT=1734367770:S=ALNI_MY6S6zGeGsaQtz-RBDhGXnOrS6ofQ
.infosecurity-magazine.com/ Name: __gpi
Value: UID=00000f6d83a3a2bf:T=1734367770:RT=1734367770:S=ALNI_MbZVMJFwOEfaRM1S7Y_3lRJPt7goA
.infosecurity-magazine.com/ Name: __eoi
Value: ID=6c5c68070b2cb712:T=1734367770:RT=1734367770:S=AA-Afja6ccAkQROc9NSvDK0oyBc9
.t.co/ Name: muc_ads
Value: 9d533e63-e265-4010-ac65-75d06f1f175a
.t.co/ Name: __cf_bm
Value: d9Jw4FlvfsDtBJfBZ2q0CLCUDCFkBp3eGx63pCeP0IU-1734367771-1.0.1.1-kio5x065YDQLso96Rhp6HnPOyT4f8_o7oXeFtUuXBy2Ey7pDxWP_QLAPlKU.QmU.B5dXIiL3EBuvKQ1VgunDqA
.twitter.com/ Name: personalization_id
Value: "v1_VYZ4ADbop8fmPx32iun+5w=="
.www.linkedin.com/ Name: bscookie
Value: "v=1&2024121616493183748521-2108-47ed-8a57-ab1d4d52ce89AQEtmFniKiMgCIjBvitFO58rMhCJV3OE"
.linkedin.com/ Name: __cf_bm
Value: 6g.bj13SB.E5msq5BJAO0BB0wCJgJWEfysslw0NBdyA-1734367771-1.0.1.1-qcMPX1Xk5OR_BQAvb.zKYIaFHuxUAHTLKHq_uNf9jBVU9Dl6_ct8s.0.xojMRqD.r0_6Jxh5EjC1GBWgSrceiQ
.infosecurity-magazine.com/ Name: OptanonConsent
Value: isGpcEnabled=0&datestamp=Mon+Dec+16+2024+18%3A49%3A32+GMT%2B0200+(%D7%A9%D7%A2%D7%95%D7%9F+%D7%99%D7%A9%D7%A8%D7%90%D7%9C+(%D7%97%D7%95%D7%A8%D7%A3))&version=202411.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=a3e0c7e9-b8bf-48cf-b96f-85ea16a72346&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Fwww.infosecurity-magazine.com%2Fnews%2Ffake-captcha-campaign-risks%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0
.nr-data.net/ Name: JSESSIONID
Value: 2c1a8eaaefad4b18

20 Console Messages

Source Level URL
Text
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'encrypted-media:'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'layout-animations'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'legacy-image-formats'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'oversized-images'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'speaker-selection'.
security warning
Message:
Error with Feature-Policy header: Unrecognized feature: 'web-share'.
security warning
Message:
Error with Feature-Policy header: Some features are specified in both Feature-Policy and Permissions-Policy header: accelerometer, autoplay, camera, display-capture, fullscreen, geolocation, magnetometer, microphone, midi, payment, picture-in-picture, publickey-credentials-get, sync-xhr, usb, xr-spatial-tracking. Values defined in Permissions-Policy header will be used.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'battery'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'document-domain'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-not-rendered'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'execution-while-out-of-viewport'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'navigation-override'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: 'unsafe-inline' 'unsafe-eval'; upgrade-insecure-requests; block-all-mixed-content
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
analytics.twitter.com
assets.infosecurity-magazine.com
bam.eu01.nr-data.net
cbacde534710f034e82cea4d3ea43cde.safeframe.googlesyndication.com
cdn.cookielaw.org
cdn.jsdelivr.net
connect.facebook.net
ep1.adtrafficquality.google
ep2.adtrafficquality.google
geolocation.onetrust.com
googleads.g.doubleclick.net
in.ml314.com
js-agent.newrelic.com
ml314.com
p.typekit.net
pagead2.googlesyndication.com
px.ads.linkedin.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
td.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.co.il
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.infosecurity-magazine.com
www.linkedin.com
ep1.adtrafficquality.google
104.18.32.137
104.18.86.42
104.244.42.3
13.107.42.14
13.32.99.111
142.250.184.194
142.250.184.206
142.250.184.226
142.250.185.193
142.250.185.194
142.250.185.225
142.250.185.97
142.250.185.98
142.250.186.40
142.250.186.98
146.75.116.157
151.101.129.229
157.240.252.13
157.240.253.35
162.159.140.229
162.247.243.39
172.217.23.100
172.64.146.215
184.24.77.144
184.24.77.146
184.24.77.43
185.221.87.23
216.239.32.181
216.58.206.35
34.117.77.79
35.175.32.137
64.233.184.154
01363ea36a461108817250e3608c09dffd0058064fbc26a27d446d6a32ad2142
01f82cb1953795f14f9a5c758f7eb21ea6774c2e39ec8dad2ab00d152629d4b4
021658094e9c63e2de661c4af87e3ccd5a370e7caf8a70666173cc8578acb383
04d85fdaa240e9c6964c1b3afe75b8802720a8d9a98e6c35f346f599b1113af4
07ac84596d158248a60c2f747f609a508e6e2f1980a23f0608caee79a30291b7
0c5e5da9ad3458d5cbdf9c3262174f7689b8e42a1c7acf3675f7b2feb19afcf7
175801e2fef560a4424186e60faedf1ab4490e6ab3f2b9756b081338c8d00c67
18112857f1e349075b55369c6789129b8e7e9ba4be9e6e6d67fa36ebe89351b9
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
211c3a65a580361b495165518208e385e3299014e0235866e632397acb9d9a84
240355f4e85792fb5c1e46a942e6d797a078d39f8717dfbab666e4e80cb4dd8d
279b6c8b97bfb37476d6d075d1431d85a380ca36ebe6af4146844cfb135c21d6
298718a23e658b099c5c1f9aa683dd448e518e1f6c91c4832d4ccd8fba4a4cdf
2f66cf25254aed9cc93405fb52c07e6750328dcc77551074c82679bf26ec07cd
300735ac477bb7e09ce2725f0031b085e5c86f09903d053ac8e44596731d8780
3405f81271e874078a2cff63ead16afffa5d14f2a96188401d245b26c3fa0ee7
3afadb2c1b557e72372f35ddac45c9638faa3de842363f36e560ab7d1045b32a
3ff6c94500c968027f92ab3d9e099c61e246eacc1cbc5bf8a2d5ec30244420c2
411817052fafe5b730ea57d0d5fd33ad462e6ba141503108ea32a118f0c15f8f
42576f301f888cb1da1a37421b18aeb380f10b159a3e03627c9981c9bf759658
435b3a85baba7cc9c682018aa7d4189fa7af35466ad790b25e19de932932732b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
452e848011addd295fb703e4160153e3d1b126765b6ec39529d4265b7370296d
4ca1e0e518aaf5d78abd4fc78268ac642cb679dbb56a905d2c57a296566a0bba
4e916eb59cd64cce6fc41e3355180f0284ae0edc2602686431e90f2e7f082652
4f8059cfd6739160b9073e937833a58c728a9791b380f27fcf2d047d76951155
50d93a2c186cbd1032ed973e133713a6dfbbd5f7fba4fb89069350f228ce4d81
53fc4495c7705b2373e2b73ec881c82dffb40cfbd744d8e5bd8ba7f5a018575b
545156adeae44dadc82b98d504f805ebe77fb79c928ef34eed1057bb9d4cb8fe
5615cdac4c30b1fb905891f5de1e1dcf7745b6b0ec88cfc89360ee48fc240977
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
778f93243401b2fd6663834b51f4d3f32012d6ee11f40f6169af721331bd1682
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85b50ffe6b0cb56f765532dbac925599ddd984fcaefb0e2590099105dbd044da
902d02d0acf3fc069552c1e5ca214885969fdde60622840985fbc9d84c83b0d3
944a37f694b55de268a0bf52dbae4e12f12c4ae09ee5c8d213ba05075c2865dd
a45a4393f8b7ac978e32ac46f58dad43eb83811a4b3d9f7b79cac1f864edd662
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af6b15d8917bd5ab039b73db5f939c17df1aca2acf7d4ac9d8f44a005edaf6d6
afcda59138d941b76c6cef7da75bcbf0cc1d881c898fa99f34ddc9e255d945d7
b32e08558e6bca6d798ba59ede2cc4da8e3f0e19c5c369be05884bc6d78a1305
b6c524dc5a6a216d118fd3e08d2a6a088b1863cec94f7f7b55ee8a0f54f47d2b
b9e3e437a05d1f4b147fe559b8f22278ced601f2f597664f9c8e78d9750bd20b
bb20d24b99fd1eae4fd77c1e833ce0a4536189961ceb1114fd272ca31e8ebd82
c08e633b39381743b6e6bca9c5922e9aa9ba5f3044c29031b0076a47b4af1927
cbe5296bf61f4ee88ecab204fe1ec3a144660caa32b71d9744f01102286df62a
cf05b33db78a3d7912dac0ca71269dcd90f16451fbafa610f5399c8117597b07
d0e12af8c4e560fe89643639e0c3ed4dc76125c62adeb2879b761d73dbaecf50
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d1a8667cd562187e0f12c7fc55557749bc4ce1a6652f58fdaca9c523cc5d7ad4
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
db5c53c14d38c533ffb508455c4aba4147dee94a0e5afe5c634fba3a3fdc8fc4
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2afa04c9a3e080712c94d68b9c1d33587fddcbaeaba9dfcaf1d53d19f6a280a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b8a90a2870483ace67380ff4a64b39bfecb7952a432393470d76a6614fc62c
e9009eec85895c3db3f7e6841717abb38fd08a99124b10d11cd04783fb8c2ead
eaca6fbddd7f2412dc5cea94293a1d2a9e9a2ab06f853982b09d11381dc08e01
ecde3c0d9f4721fd5bc3989d1e6103966b836786849f65ead031a1c758687ef0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fded88b84aecf0d550b1d26a85a971351a138a573dbd6bd88cb646de1e7ab42a
ff10c1fe39489bf9f57c9dc9e8ccc064dfdfd4dec949636d5deeba2a8f2da2f0
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99